171ff2d08SDavid SchultzPROG= nologin 20a5779d4SRuslan ErmilovMAN= nologin.5 nologin.8 38fae3551SRodney W. Grimes 4*ce9f2d31SRodney W. GrimesSYMLINKS= ..${BINDIR}/nologin /sbin/nologin 5432b2d95SColin Percival 671ff2d08SDavid Schultz# It is important that nologin be statically linked for security 771ff2d08SDavid Schultz# reasons. A dynamic non-setuid binary can be linked against a trojan 871ff2d08SDavid Schultz# libc by setting LD_LIBRARY_PATH appropriately. Both sshd(8) and 971ff2d08SDavid Schultz# login(1) make it possible to log in with an unsanitized environment, 1071ff2d08SDavid Schultz# rendering a dynamic nologin binary virtually useless. 1183c7ade9SRuslan ErmilovNO_SHARED= YES 1271ff2d08SDavid Schultz 138fae3551SRodney W. Grimes.include <bsd.prog.mk> 14