Your message dated Wed, 08 Dec 2010 12:42:25 +0300
with message-id <[email protected]>
and subject line Re: Bug#334672: busybox-static: Using fallback suid method
has caused the Debian Bug report #334672,
regarding busybox-static: Using fallback suid method
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
334672: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=334672
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: busybox-static
Version: 1:1.01-3
Severity: normal
$ busybox sh
Using fallback suid method
BusyBox v1.01 (Debian 1:1.01-3) Built-in shell (ash)
Enter 'help' for a list of built-in commands.
~ $ su
Using fallback suid method
su: This applet requires root priviledges!
$ cd ~/busybox-1.01
debian/config-static:CONFIG_FEATURE_SUID=y
debian/config-static:CONFIG_FEATURE_SUID_CONFIG=y
sysdeps/linux/Config.in :
config CONFIG_FEATURE_SUID_CONFIG
bool "Runtime SUID/SGID configuration via /etc/busybox.conf"
default n if CONFIG_FEATURE_SUID
depends on CONFIG_FEATURE_SUID
help
Allow the SUID / SGID state of an applet to be determined runtime by
checking /etc/busybox.conf. The format of this file is as follows:
<applet> = [Ssx-][Ssx-][x-] (<username>|<uid>).(<groupname>|<gid>)
An example might help:
[SUID]
su = ssx root.0 # applet su can be run by anyone and runs with
euid=0/egid=0
su = ssx # exactly the same
mount = sx- root.disk # applet mount can be run by root and members
of group disk
# and runs with euid=0
cp = --- # disable applet cp for everyone
The file has to be owned by user root, group root and has to be
writeable only by root:
(chown 0.0 /etc/busybox.conf; chmod 600 /etc/busybox.conf)
The busybox executable has to be owned by user root, group
root and has to be setuid root for this to work:
(chown 0.0 /bin/busybox; chmod 4755 /bin/busybox)
Robert 'sandman' Griebl has more information here:
<url: http://www.softforge.de/bb/suid.html >.
busybox isn't suid and there's no /etc/busybox.conf
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (900, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-rc4-git4
Locale: lang=fr...@euro, lc_ctype=fr...@euro (charmap=ISO-8859-15)
-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 1:1.17.1-8
19.10.2005 11:41, Jean Charles Delépine wrote:
> Package: busybox-static
> Version: 1:1.01-3
> Severity: normal
>
> $ busybox sh
> Using fallback suid method
> debian/config-static:CONFIG_FEATURE_SUID=y
> debian/config-static:CONFIG_FEATURE_SUID_CONFIG=y
This has been fixed - at least current version in squeeze
(1:1.17.1-8) now has a (new) config option enabled,
ONFIG_FEATURE_SUID_CONFIG_QUIET=y.
So closing this (5 years old) bug now.
Thanks!
/mjt
--- End Message ---
