On Tue, Jan 18, 2011 at 1:15 PM, David Collier
<[email protected]> wrote:
> Denys,
>
> If I want to reproduce the effect whereby setting the s bit on the
> busybox exe allows all applets to run as root....
>
> is the best patch to simply comment out those 2 lines you pointed to?
The best practice is to switch off FEATURE_SUID. Here is its help text:
config FEATURE_SUID
bool "Support for SUID/SGID handling"
default y
help
With this option you can install the busybox binary belonging
to root with the suid bit set, enabling some applets to perform
root-level operations even when run by ordinary users
(for example, mounting of user mounts in fstab needs this).
Busybox will automatically drop priviledges for applets
that don't need root access.
If you are really paranoid and don't want to do this, build two
busybox binaries with different applets in them (and the appropriate
symlinks pointing to each binary), and only set the suid bit on the
one that needs it.
The applets which require root rights (need suid bit or
to be run by root) and will refuse to execute otherwise:
crontab, login, passwd, su, vlock, wall.
The applets which will use root rights if they have them
(via suid bit, or because run by root), but would try to work
without root right nevertheless:
findfs, ping[6], traceroute[6], mount.
Note that if you DONT select this option, but DO make busybox
suid root, ALL applets will run under root, which is a huge
security hole (think "cp /some/file /etc/passwd").
Unfortunately, there is a bug which prevents disabling EATURE_SUID
in many cases.
Here is the fix:
http://busybox.net/downloads/fixes-1.18.2/busybox-1.18.2-buildsys.patch
--
vda
_______________________________________________
busybox mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/busybox
