su - without password in 1.3.0

Tito farmatito at tiscali.it
Sun Jan 14 13:39:00 UTC 2007


On Sunday 14 January 2007 13:38, you wrote:
> On Sun, Jan 14, 2007 at 12:42:45PM +0100, Tito wrote:
> >On Sunday 14 January 2007 08:56, Marc Leeman wrote:
> >> > Why do you need it? It works ok without config entry like this...
> >> 
> >> Because busybox needs to gain root someway, and in the past, it was
> >> certainly done like this.
> >> 
> >> It works, well kind of. The problem is that it should at least ask for a
> >> root password and not drop any user into a rootshell without a request
> >> for a password.
> >> 
> >> I'll see if I have time to have a look at it next week, but as it is, we
> >> cannot use busybox > 1.2.2 due to this bug :-(
> >> 
> >> > I did not lern yet busybox.conf format, I suppose
> >> > there may be a mistake in your line (so that su thinks
> >> > that it runs by root)
> >> 
> >> There might be a mistake, but then it became a mistake from 1.3.0
> >> onwards since it has performed as expected for over a year.
> >>
> >
> >Hi to all!
> >Could you please test the attached applets.c drop in replacement file?
> >For me it fixes the problem, but as i do not fully understand this
> >bb_suid_* stuff probably it breaks everything else.
> >
> >The logic is:
> >if in busybox.conf uid.gid is 0.0 don't touch uid gid ruid rgid as the applet will decide what to do,
> >in other words if we don't have to drop privileges as per directive in busybox.conf or as result
> >of a parse error or as fallback, don't mess up the uid/ruid, gid/rgid values.
> >
> >The word to the real gurus.......  ;-)
> >
> >Ciao,
> >Tito
> 
> >/* vi: set sw=4 ts=4: */
> [snip]
> >#if ENABLE_SHOW_USAGE && !ENABLE_FEATURE_COMPRESS_USAGE
> >static const char usage_messages[] =
> >#define MAKE_USAGE
> >#include "usage.h"
> >#include "applets.h"
> >;
> 
> (Your allnoconfig is broken, isn't it?)

No, works.
Make defconfig is broken.

> 
> What caused this bug? Was it
> http://busybox.net/cgi-bin/viewcvs.cgi/trunk/busybox/applets/applets.c?rev=15703&r1=15420&r2=15703

This changes the interesting lines, can't say if it is the culprit 'cause I don't fully understand all
the suid_* stuff and just acted per intuition.

> or some of the SYSLOG stuff against su

Doesn't seem related to syslog stuff in my opinion.

> > Just curious.. 
> 

Ciao,
Tito



More information about the busybox mailing list