config CONFIG_FEATURE_SUID_CONFIG
bool "Runtime SUID/SGID configuration via /etc/busybox.conf"
- default y if CONFIG_FEATURE_SUID
+ default n if CONFIG_FEATURE_SUID
depends on CONFIG_FEATURE_SUID
help
Allow the SUID / SGID state of an applet to be determined runtime by
checking /etc/busybox.conf. The format of this file is as follows:
<applet> = [Ssx-][Ssx-][x-] (<username>|<uid>).(<groupname>|<gid>)
-
+
An example might help:
[SUID]
cp = --- # disable applet cp for everyone
+ The file has to be owned by user root, group root and has to be
+ writeable only by root:
+ (chown 0.0 /etc/busybox.conf; chmod 600 /etc/busybox.conf)
+ The busybox executable has to be owned by user root, group
+ root and has to be setuid root for this to work:
+ (chown 0.0 /bin/busybox; chmod 4755 /bin/busybox)
+
Robert 'sandman' Griebl has more information here:
<url: http://www.softforge.de/bb/suid.html >.