> On 2017-11-02, at 08:26 , Denys Vlasenko <[email protected]> wrote: > > On Wed, Nov 1, 2017 at 2:28 AM, Jack Schmidt <[email protected]> wrote: >> I believe I have found a bug in the current version of busybox. >> >> When: >> * an applet is marked NOEXEC, >> * busybox is configured with CONFIG_FEATURE_SH_STANDALONE=y, and >> * busybox's ash is asked to do "ENV_VAR=newval no_exec_app" >> Then the no_exec app is not called with the new environment. >> >> This affects git master d5c1482fbac71c51e3add52632cdf1f9f9e6661b and >> 1:1.21.0-1ubuntu1 >> >> To reproduce from git (on linux): >> >> git pull >> make defconfig >> sed -i 's/# CONFIG_FEATURE_SH_STANDALONE is not >> set/CONFIG_FEATURE_SH_STANDALONE=y/' .config >> make >> ./busybox ash -c 'BUG=1 head /proc/self/environ | grep -q BUG && echo ok || >> echo bug' >> ./busybox ash -c 'BUG=1 ./busybox head /proc/self/environ | grep -q BUG && >> echo ok || echo bug' >> >> The first echoes "bug" because the environment is not set. > > I reproduced this. > > The problem here is that /proc/self/environ is not the environment > as seen by C code. It is the memory area of the process where *initial > environment > variables* are stored (IIRC it is located in the top part of the stack area). > > When NOEXEC applet is executed, the environment *is* set up correctly, > but on the C > language level: environ[] array is updated. The *initial environment* > is not updated. > Therefore, /proc/self/environ does not show new added variables.
Thanks, that makes sense and seems hard to fix, especially portably. > >> Alpine linux uses a similar command to check if /proc is really mounted, or >> is just a semi-convincing fake. With CONFIG_FEATURE_SH_STANDALONE, real >> /proc registers as a fake. > > Please tell me more. What exactly Alpine is doing. On Alpine, this is /lib/rc/sh/init.sh but maybe it is on Gentoo as well. OpenRC may pride itself on busybox compatibility, so maybe it is still worth fixing (either in busybox or openrc). https://github.com/OpenRC/openrc/blob/master/sh/init.sh.Linux.in#L34 f=/proc/self/environ if [ -e $f ]; then if $got_md5sum && [ "$(VAR=a md5sum $f)" = "$(VAR=b md5sum $f)" ]; then eerror "You have cruft in /proc that should be deleted" One can replace the 'md5sum $f' with 'cat $f|md5sum' and things are fine, since cat is not NOEXEC. Alpine normally does not notice this problem as its busybox is not configured as standalone. _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
