From owner-cvs-all@FreeBSD.ORG  Sun Nov 16 23:09:28 2003
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 08AF916A4D1
	for <cvs-all@FreeBSD.ORG>; Sun, 16 Nov 2003 23:09:28 -0800 (PST)
Received: from rootlabs.com (root.org [67.118.192.226])
	by mx1.FreeBSD.org (Postfix) with SMTP id 4E6BA44015
	for <cvs-all@FreeBSD.ORG>; Sun, 16 Nov 2003 23:07:08 -0800 (PST)
	(envelope-from nate@rootlabs.com)
Received: (qmail 59074 invoked by uid 1000); 17 Nov 2003 07:06:57 -0000
Date: Sun, 16 Nov 2003 23:06:57 -0800 (PST)
From: Nate Lawson <nate@root.org>
To: David Schultz <das@FreeBSD.ORG>
In-Reply-To: <20031117064036.GA51447@VARK.homeunix.com>
Message-ID: <20031116230605.S59017@root.org>
References: <200311170639.hAH6dduA076667@repoman.freebsd.org>
 <20031117064036.GA51447@VARK.homeunix.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: cvs-src@FreeBSD.ORG
cc: src-committers@FreeBSD.ORG
cc: cvs-all@FreeBSD.ORG
Subject: Re: cvs commit: src/sbin/nologin Makefile nologin.c nologin.sh
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Nov 2003 07:09:28 -0000

On Sun, 16 Nov 2003, David Schultz wrote:
> On Sun, Nov 16, 2003, David Schultz wrote:
> >   Modified files:
> >     sbin/nologin         Makefile
> >   Added files:
> >     sbin/nologin         nologin.c
> >   Removed files:
> >     sbin/nologin         nologin.sh
> >   Log:
> >   Reimplement nologin(8) as a C program.  This allows us to statically
> >   link it at low cost and avoid environment poisoning attacks associated
> >   with LD_LIBRARY_PATH.
>
> For those who care, here are the relevant sizes to the nearest kilobyte:
>
> 	24K	static C program
> 	5K	dynamic C program
> 	2K	shell script
> 	1K	assembly program
>
> The bloat in the static version is due to crt0 pulling in atexit(),
> which in turn depends on malloc(), free(), and some pthread mutex code.

Tim Kientzle floated some patches to remove this dependency about a year
ago but they never got committed.  Perhaps now that he's done with the
dynamic root work, he can clean them up and commit them.

-Nate