18fae3551SRodney W. Grimes# @(#)Makefile 8.2 (Berkeley) 4/22/94 20a5779d4SRuslan Ermilov# $FreeBSD$ 38fae3551SRodney W. Grimes 471ff2d08SDavid SchultzPROG= nologin 50a5779d4SRuslan ErmilovMAN= nologin.5 nologin.8 68fae3551SRodney W. Grimes 7*ce9f2d31SRodney W. GrimesSYMLINKS= ..${BINDIR}/nologin /sbin/nologin 8432b2d95SColin Percival 971ff2d08SDavid Schultz# It is important that nologin be statically linked for security 1071ff2d08SDavid Schultz# reasons. A dynamic non-setuid binary can be linked against a trojan 1171ff2d08SDavid Schultz# libc by setting LD_LIBRARY_PATH appropriately. Both sshd(8) and 1271ff2d08SDavid Schultz# login(1) make it possible to log in with an unsanitized environment, 1371ff2d08SDavid Schultz# rendering a dynamic nologin binary virtually useless. 1483c7ade9SRuslan ErmilovNO_SHARED= YES 1571ff2d08SDavid Schultz 168fae3551SRodney W. Grimes.include <bsd.prog.mk> 17