[re]Bug in busybox base applet?
Erik Andersen
andersen at codepoet.org
Fri Sep 2 16:53:02 UTC 2005
On Fri Sep 02, 2005 at 09:18:36AM -0500, Rob Landley wrote:
> > > B) How does the binary being named "busybox" screw this up?
> >
> > Relying on the (exact) name "busybox" screws this up if the the name is
> > "busybox-suid".
>
> And relying on the name "ls" doesn't work if they rename the executable
> "ls.static" or "ls-nocolor".
Some people choose to compile busybox several times using
different config file to create several smaller binaries. In
particular, some people choose to create a busybox binary that
contains all non-setuid applets (i.e. /bin/busybox), and a
separate busybox binary that contains all setuid requiring
applets (i.e. /bin/busybox.suid) whis is made setuid root. This
apparently allows them to have an extra warm cozy feeling when
sleeping at night, knowing they have minimized the potential for
the bad guys to subvert a setuid busybox. That is why busybox
has never restricted $0 to being only /bin/busybox.
Other current uses for an arbitrary $0 include modular packaging
systems, such the ipk as currently provided by the openembedded
project, where they package up N separate, self-contained busybox
executable packages. Each package contains a busybox binary
built containing a subset of busybox's applets, along with the
set of symlinks needed to utilize the provided group of applets.
-Erik
--
Erik B. Andersen http://codepoet-consulting.com/
--This message was written using 73% post-consumer electrons--
More information about the busybox
mailing list