Document nologin(8) as being insecure in conjunction with a dynamic

root and suggest alternatives.
svn path=/head/; revision=122822
2003-11-17 00:08:28 +00:00 · 2003-11-17 00:08:28 +00:00 · 4240849261 · 2020-12-20 02:59:44 +00:00
commit 4240849261
parent 0ec3db3072
2 changed files with 30 additions and 0 deletions
--- a/sbin/nologin/nologin.8
+++ b/sbin/nologin/nologin.8
@ -59,3 +59,18 @@ The
 .Nm
 utility appeared in
 .Bx 4.4 .
+.Sh BUGS
+Login mechanisms that allow users to specify the initial environment,
+such as
+.Xr login 1
+and
+.Xr sshd 8 ,
+can be used to bypass
+.Nm .
+To avoid this possibility, you must use a different lockout mechanism
+such as
+.Xr login.conf 5
+or compile a statically-linked
+.Xr sh 1
+as described in
+.Xr make.conf 5 .
--- a/usr.sbin/nologin/nologin.8
+++ b/usr.sbin/nologin/nologin.8
@ -59,3 +59,18 @@ The
 .Nm
 utility appeared in
 .Bx 4.4 .
+.Sh BUGS
+Login mechanisms that allow users to specify the initial environment,
+such as
+.Xr login 1
+and
+.Xr sshd 8 ,
+can be used to bypass
+.Nm .
+To avoid this possibility, you must use a different lockout mechanism
+such as
+.Xr login.conf 5
+or compile a statically-linked
+.Xr sh 1
+as described in
+.Xr make.conf 5 .