On Sunday 12 August 2012 05:37:03 Harald Becker wrote: > Hi All ! > > >I think some strace or gdb or valgrind is needed > >to see what this memory refers to. > > As this machine is not installed for development those debugging aids > are not available ... but I fiddled a bit and got strace running ... > > ... first result: Running the script via strace did not trigger the > error and gives correct result! > > ... second result: Running the script as user root does not trigger the > error and gives correct result! > > Digging into libbb/appletlib.c let to the assumption the bug depends on > the suid feature of Busybox. > > Giving read access to /etc/busybox.conf for everybody allowed me to > catch the bug with strace (w.out appended). [with simplified script, > only failing awk call, all other stuff removed] > > Looks like the preferred applet feature triggers a permission violation > for BB_SUID_DROP applets if not invoked by root (and no entry for > applet in busybox.conf). > > Replacing xsetgid/xsetuid in appletlib.c with setresgid/setresuid > changes behavior and gives "Segmentation fault" instead of glibc > detected error. So my assumption is, we got some trouble depending on > setting of uid (real, effective, saved). setuid works different if > called as root or as normal user and may not set the effective/saved > uid fields (as done when there is an entry in busybox.conf). > > Can anybody with libb knowledge look into this? > > -- > Harald
Hi, can you run it again after disabling ENABLE_FEATURE_SUID_CONFIG just to be sure, as in this case there should be no error. This would narrow down our search. If I understood correctly the bug is triggered when: /etc/busybox.conf -rw-r--r-- and is not triggered when /etc/busybox.conf -rw------- It is also not triggered if /etc/busybox.conf is missing as in my case Just out of curiosity what are your busybox binary permissions? Ciao, Tito _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
