Busybox for Mini2440
walter harms
wharms at bfs.de
Tue Nov 24 18:02:50 UTC 2009
Mike Frysinger schrieb:
> On Tuesday 24 November 2009 01:54:25 Tito wrote:
>> On Tuesday 24 November 2009 01:06:06 you wrote:
>>>> Did you "suid" busybox?
>>> We don't do that, I was uncomfortable with giving
>>> all BB applets such privilege. We wrote a simple
>>> suid-root exec-er that was linked to the few apps
>>> that needed such privilege, it in turn just execs
>>> "busybox $*" (in effect) to get it done.
>> This is unneeded as busybox drops itself the super user privileges
>> at start for the applets that don't need it. Keep it simple.
>> Why should your suid-root exec-er be safer than busybox?
>
> one might say jim is keeping it simple. it's a lot easier to audit a smaller
> redirector binary than it is to audit the busybox code base.
> -mike
>
we have /etc/busybox (or something like that) for applets that need suid, havent we ?
re,
wh
More information about the busybox
mailing list