Hallo David! > I've heard of stuff like wheel, but as far as I can see that doesn't > help.... you never become "real root" If you run a program suid root you can get real user root using setresuid() function and do an exec to run another program with full root permissions. That is, how most of those (unexpected) back doors work (happen).
Hint: Setup a daemon on your system listening on a tcp/udp socket of localhost address or a unix domain socket. Run a small stub program as part of your web page access to contact your local system daemon (I got that working in the past, using shell scripts and netcat). Let your daemon (running as root) do any required work or (better) run any required program to do the requested work with the least possible user privileges. busybpx has tcpsrvd which work fine as daemon in that situation running (another) busybox shell script to do the work (accepting commands from the stub using read built-in and responding using echo built-in). Doing it that way and using netcat from a shell CGI script you do not need to write any extra code beside busybox :-) ... ok, it's slow and requires a lot of memory for those requests, but it works if you have those resources. Memory is always reclaimed after processing of the request (daemon script exits, tcpsrvd respawns on next request). -- Harald _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
