Why does login need to be suid by root to work?
Cathey, Jim
jcathey at ciena.com
Wed Dec 1 00:41:06 UTC 2010
>When I make the busybox executable setuid by root, login is accesible
>by non-root users. However, I don't understand the need for this? Why
>is login being required to get root permissions. It isn't this way on
>typical linux installs.
Because "typical Linux installs" are wrong! login is very old,
predating Linux by all the time there is. You used to be able to
"login", and choose who you were going to be. Or "login <user>"
and give it the user's password when prompted. Only way for
that to happen is if login itself is running privileged. For
normal box access methods (telnet, ssh, getty) the parent of
login was already privileged, so login doesn't need to be suid,
and so the installation error isn't easily noticed. People usually
use "su" instead. But if you want interactive (re-)login to work,
it has to be suid root.
-- Jim
More information about the busybox
mailing list