[uClibc]netkit-tiny
Erik Andersen
andersen at lineo.com
Mon Feb 26 20:26:28 UTC 2001
On Mon Feb 26, 2001 at 03:26:47PM -0500, Gennady Feldman wrote:
> Tom,
>
> It was my oops for not checking busybox +s. It works just fine when you
> do chmod +s busybox and compile ping support in. My bad, consider this
> issue closed.
Well, not entirely. Because if you _do_ 'chmod +s busybox' then
all busybox applets can now run as root, which is probably not what
you want either (imagine what fun a hacker could have with a setuid
'dd' or 'sed'!).
For tinylogin, I had it carefully drop permissions for all applets
unless the applet had a special field stating that it was ok to run
setuid. Something similar is needed for busybox,
-Erik
--
Erik B. Andersen email: andersen at lineo.com
--This message was written using 73% post-consumer electrons--
More information about the uClibc
mailing list