busybox-1.0.1-rc1.patch

[oweals/busybox.git] / busybox / sysdeps / linux / Config.in

diff --git a/busybox/sysdeps/linux/Config.in b/busybox/sysdeps/linux/Config.in
index 744a84d18f42d771fa68459b67deb9b255c37127..0c10de928fa9642954b73aaee558eb550204f318 100644 (file)
--- a/busybox/sysdeps/linux/Config.in
+++ b/busybox/sysdeps/linux/Config.in
@@ -94,14 +94,14 @@ config CONFIG_FEATURE_SUID
 
 config CONFIG_FEATURE_SUID_CONFIG
        bool "Runtime SUID/SGID configuration via /etc/busybox.conf"
-       default y if CONFIG_FEATURE_SUID
+       default n if CONFIG_FEATURE_SUID
        depends on CONFIG_FEATURE_SUID
        help
          Allow the SUID / SGID state of an applet to be determined runtime by
          checking /etc/busybox.conf.  The format of this file is as follows:
 
          <applet> = [Ssx-][Ssx-][x-] (<username>|<uid>).(<groupname>|<gid>)
-       
+
          An example might help:
 
          [SUID]
@@ -113,6 +113,13 @@ config CONFIG_FEATURE_SUID_CONFIG
 
          cp = --- # disable applet cp for everyone
 
+         The file has to be owned by user root, group root and has to be
+         writeable only by root:
+               (chown 0.0 /etc/busybox.conf; chmod 600 /etc/busybox.conf)
+         The busybox executable has to be owned by user root, group
+         root and has to be setuid root for this to work:
+               (chown 0.0 /bin/busybox; chmod 4755 /bin/busybox)
+
          Robert 'sandman' Griebl has more information here:
          <url: http://www.softforge.de/bb/suid.html >.