embedded control panel - can this work?

Harald Becker ralda at gmx.de
Tue Jan 18 12:11:09 UTC 2011


 Hallo David!

> I've heard of stuff like wheel, but as far as I can see that doesn't
> help.... you never become "real root"
If you run a program suid root you can get real user root using
setresuid() function and do an exec to run another program with full
root permissions. That is, how most of those (unexpected) back doors
work (happen).

Hint: Setup a daemon on your system listening on a tcp/udp socket of
localhost address or a unix domain socket. Run a small stub program as
part of your web page access to contact your local system daemon (I got
that working in the past, using shell scripts and netcat). Let your
daemon (running as root) do any required work or (better) run any
required program to do the requested work with the least possible user
privileges.

busybpx has tcpsrvd which work fine as daemon in that situation running
(another) busybox shell script to do the work (accepting commands from
the stub using read built-in and responding using echo built-in). Doing
it that way and using netcat from a shell CGI script you do not need to
write any extra code beside busybox :-) ... ok, it's slow and requires a
lot of memory for those requests, but it works if you have those
resources. Memory is always reclaimed after processing of the request
(daemon script exits, tcpsrvd respawns on next request).

--
Harald



More information about the busybox mailing list