From owner-cvs-all@FreeBSD.ORG Mon Nov 17 13:07:50 2003 Return-Path: Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 706F616A4CE; Mon, 17 Nov 2003 13:07:50 -0800 (PST) Received: from smtp.omnis.com (smtp.omnis.com [216.239.128.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id B88D043FBD; Mon, 17 Nov 2003 13:07:45 -0800 (PST) (envelope-from wes@softweyr.com) Received: from salty.rapid.stbernard.com (corp-2.ipinc.com [199.245.188.2]) by smtp-relay.omnis.com (Postfix) with ESMTP id 44D9D72D94; Mon, 17 Nov 2003 13:07:15 -0800 (PST) From: Wes Peters Organization: Softweyr.com To: David Schultz , src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Date: Mon, 17 Nov 2003 13:07:34 -0800 User-Agent: KMail/1.5.2 References: <200311170639.hAH6dduA076667@repoman.freebsd.org> <200311171301.45679.wes@softweyr.com> In-Reply-To: <200311171301.45679.wes@softweyr.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200311171307.34933.wes@softweyr.com> Subject: Re: cvs commit: src/sbin/nologin Makefile nologin.c nologin.sh X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Nov 2003 21:07:50 -0000 On Monday 17 November 2003 13:01, Wes Peters wrote: > On Sunday 16 November 2003 22:39, David Schultz wrote: > > das 2003/11/16 22:39:39 PST > > > > FreeBSD src repository > > > > Modified files: > > sbin/nologin Makefile > > Added files: > > sbin/nologin nologin.c > > Removed files: > > sbin/nologin nologin.sh > > Log: > > Reimplement nologin(8) as a C program. This allows us to > > statically link it at low cost and avoid environment poisoning > > attacks associated with LD_LIBRARY_PATH. > > I suppose adding the logging done by the sysutils/no-login port would > make the program objectionably large. Sigh. Several times over the > past five years I considering asking if we should just import my > nologin and be done with it; each time I didn't pursue it because it > wasn't worth the bikeshed. Sorry to follow up to myself, I just wanted to note that syslog and getopt don't seem to add much to the size of the executable: wpeters@salty> size nologin text data bss dec hex filename 1845 260 36 2141 85d nologin wpeters@salty> ls -l nologin -rwxr-xr-x 1 root wheel 5430 Nov 17 13:03 nologin* wpeters@salty> sudo strip nologin wpeters@salty> ls -l nologin -rwxr-xr-x 1 root wheel 3796 Nov 17 13:05 nologin* wpeters@salty> ldd nologin nologin: libc.so.5 => /usr/lib/libc.so.5 (0x2806b000) So this may be worth the bikeshed^W^Wconsidering after the thaw. Certainly not important enough to slushie. -- "Where am I, and what am I doing in this handbasket?" Wes Peters wes@softweyr.com