[Bug 4544] New: $TMPDIR lost on launching a new non-root shell instance when the SUID bit is set

bugzilla at busybox.net bugzilla at busybox.net
Sun Nov 27 11:47:59 UTC 2011


https://bugs.busybox.net/show_bug.cgi?id=4544

           Summary: $TMPDIR lost on launching a new non-root shell
                    instance when the SUID bit is set
           Product: Busybox
           Version: 1.19.x
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: major
          Priority: P5
         Component: Other
        AssignedTo: unassigned at busybox.net
        ReportedBy: tj.groenen at gmail.com
                CC: busybox-cvs at busybox.net
   Estimated Hours: 0.0


When launching a new BusyBox shell instance as a non-root user with the SUID
bit set on /bin/busybox, $TMPDIR will get lost. It does _not_ get lost when the
SUID bit is not set and/or when root launches a new shell instance.

----EXPECTED OUTCOME----
[dennis at i7-820qm ~]$ sudo chmod u+s /bin/busybox 
[dennis at i7-820qm ~]$ export TMPDIR=/tmp
[dennis at i7-820qm ~]$ busybox sh
$ echo $TMPDIR
/tmp
$ exit

----ACTUAL OUTCOME----
[dennis at i7-820qm ~]$ sudo chmod u+s /bin/busybox 
[dennis at i7-820qm ~]$ busybox sh
$ echo $TMPDIR

$ exit

----OTHER REMARKS----
1) Ash is set as the default shell.
2) Other variables I've tested are carried over just fine when the SUID bit is
set.
3) The loss of the variable happens both when launching "busybox sh" from bash,
as well as launching it from busybox' sh:
[dennis at i7-820qm ~]$ sudo chmod u+s /bin/busybox 
[dennis at i7-820qm ~]$ busybox sh
$ export TMPDIR=/tmp
$ echo $TMPDIR
/tmp
$ sh
$ echo $TMPDIR

$ exit


Verified on both a Nokia N900 (BusyBox 1.19.3) as well as on my notebook
(BusyBox 1.19.2). The bug severity is set to major since we rely on $TMPDIR
being set on our N900. Therefore, we can't set the SUID bit on /bin/busybox,
which in turn means no ping, su, .. as a non-root user -> major loss of
function. Please change the severity if you think that a lower rating suits the
bug better.

-- 
Configure bugmail: https://bugs.busybox.net/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the busybox-cvs mailing list