From 3b5acaa4323bd165077e60098af94ad9750d62fd Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Tue, 18 Jan 2011 13:52:48 +0100 Subject: [PATCH] disable automatic selection of FEATURE_SUID; improve its help text Signed-off-by: Denys Vlasenko --- Config.in | 16 ++++++++++++---- include/applets.src.h | 2 ++ loginutils/Config.src | 4 ---- miscutils/Config.src | 1 - util-linux/Config.src | 2 -- 5 files changed, 14 insertions(+), 11 deletions(-) diff --git a/Config.in b/Config.in index 140572e2d..1109b1016 100644 --- a/Config.in +++ b/Config.in @@ -328,10 +328,18 @@ config FEATURE_SUID symlinks pointing to each binary), and only set the suid bit on the one that needs it. - The applets currently marked to need the suid bit are: - - crontab, dnsd, findfs, ipcrm, ipcs, login, passwd, ping, su, - traceroute, vlock. + The applets which require root rights (need suid bit or + to be run by root) and will refuse to execute otherwise: + crontab, login, passwd, su, vlock, wall. + + The applets which will use root rights if they have them + (via suid bit, or because run by root), but would try to work + without root right nevertheless: + findfs, ping[6], traceroute[6], mount. + + Note that if you DONT select this option, but DO make busybox + suid root, ALL applets will run under root, which is a huge + security hole (think "cp /some/file /etc/passwd"). config FEATURE_SUID_CONFIG bool "Runtime SUID/SGID configuration via /etc/busybox.conf" diff --git a/include/applets.src.h b/include/applets.src.h index 691e097c1..2481fe67f 100644 --- a/include/applets.src.h +++ b/include/applets.src.h @@ -18,6 +18,8 @@ s - suid type: _BB_SUID_MAYBE: neither of the above (every instance of _BB_SUID_REQUIRE and _BB_SUID_MAYBE needs to be justified in comment) + NB: please update FEATURE_SUID help text whenever you add/remove + _BB_SUID_REQUIRE or _BB_SUID_MAYBE applet. */ #if defined(PROTOTYPES) diff --git a/loginutils/Config.src b/loginutils/Config.src index 8158bce74..4c771bbc4 100644 --- a/loginutils/Config.src +++ b/loginutils/Config.src @@ -186,7 +186,6 @@ config GETTY config LOGIN bool "login" default y - select FEATURE_SUID select FEATURE_SYSLOG help login is used when signing onto a system. @@ -229,7 +228,6 @@ config FEATURE_SECURETTY config PASSWD bool "passwd" default y - select FEATURE_SUID select FEATURE_SYSLOG help passwd changes passwords for user and group accounts. A normal user @@ -265,7 +263,6 @@ config CHPASSWD config SU bool "su" default y - select FEATURE_SUID select FEATURE_SYSLOG help su is used to become another user during a login session. @@ -295,7 +292,6 @@ config SULOGIN config VLOCK bool "vlock" default y - select FEATURE_SUID help Build the "vlock" applet which allows you to lock (virtual) terminals. diff --git a/miscutils/Config.src b/miscutils/Config.src index 4912daf88..da52e14c6 100644 --- a/miscutils/Config.src +++ b/miscutils/Config.src @@ -170,7 +170,6 @@ config FEATURE_CROND_DIR config CRONTAB bool "crontab" default y - select FEATURE_SUID help Crontab manipulates the crontab for a particular user. Only the superuser may specify a different user and/or crontab directory. diff --git a/util-linux/Config.src b/util-linux/Config.src index dbf2b0d85..941a47f90 100644 --- a/util-linux/Config.src +++ b/util-linux/Config.src @@ -361,7 +361,6 @@ config FEATURE_HWCLOCK_ADJTIME_FHS config IPCRM bool "ipcrm" default y - select FEATURE_SUID help The ipcrm utility allows the removal of System V interprocess communication (IPC) objects and the associated data structures @@ -371,7 +370,6 @@ config IPCS bool "ipcs" default y depends on PLATFORM_LINUX - select FEATURE_SUID help The ipcs utility is used to provide information on the currently allocated System V interprocess (IPC) objects in the system. -- 2.25.1