[PATCH] ping: try SOCK_DGRAM if no root privileges

Tito farmatito at tiscali.it
Thu Jan 9 14:42:51 UTC 2014


On Thursday 09 January 2014 15:07:23 Laurent Bercot wrote:
> 
> >> making ping suid in the context of busybox basically means "make the
> >> entire busybox binary suid" and that is definitely a bad idea (an
> >> example that comes to mind is the wall vulnerability discovered
> >> recently).
> > Hi,
> > Busybox drops suid privileges for applets that don't require it
> > even before the applet code is called.
> 
>   I never understood all the fuss about that or the chosen
> Busybox solution. Gaining privileges is the single most dangerous
> thing in Unix; gaining privileges then dropping them if you didn't
> need them after all is playing with fire for no reason.
> 
>   Here is what I do:
> 
>   * make a single busybox binary with all the applets I need. My
> busybox binary is NEVER setuid.
>   * compile a separate small C program that tests whether
> `basename $0` is in a list of accepted words, and if it is the
> case, execs into "/bin/busybox `basename $0` $@". Make that separate
> binary setuid root.

Hi,
basename is a link to which one of the busybox binaries?

Ciao,
Tito
>   * the utilities that need to be setuid root are symlinks to that
> binary, the other ones are direct symlinks to busybox.
> 
>   This solution makes me trust 4 lines of code instead of the
> whole busybox binary, and privileges are only gained if they
> are really needed. Sure, I have to edit the list of setuid applets
> in an additional place; this is a small price to pay for
> correctness.
> 
> 
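The wrapper described in the quoted message, written out as an added example (not code from the thread or from the Busybox project). The applet list and the exit codes are assumptions; the binary built from this file is the only one installed setuid root.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define BUSYBOX "/bin/busybox"  /* non-setuid multi-call binary, path as in the message */

/* Assumed list: the only applets allowed to start with root privileges. */
static const char *const setuid_applets[] = { "ping", "su", "passwd", NULL };

/* Return the last path component of argv[0] ("" if missing or ending in '/'). */
static const char *applet_name(const char *argv0)
{
    const char *slash;

    if (argv0 == NULL)
        return "";
    slash = strrchr(argv0, '/');
    return slash ? slash + 1 : argv0;
}

/* Exact match against the fixed list; argv[0] is chosen by the caller. */
static int is_allowed(const char *name)
{
    size_t i;

    for (i = 0; setuid_applets[i] != NULL; i++)
        if (strcmp(name, setuid_applets[i]) == 0)
            return 1;
    return 0;
}

int main(int argc, char **argv)
{
    const char *name = applet_name(argc > 0 ? argv[0] : NULL);
    char *nargv[argc + 2];  /* "busybox", applet, original args, NULL */
    int i;

    if (!is_allowed(name)) {
        fprintf(stderr, "setuid wrapper: applet not in the allowed list\n");
        return 100;
    }
    nargv[0] = (char *)"busybox";
    nargv[1] = (char *)name;
    for (i = 1; i < argc; i++)
        nargv[i + 1] = argv[i];
    nargv[argc + 1] = NULL;
    execv(BUSYBOX, nargv);  /* absolute path, so PATH is never consulted */
    perror(BUSYBOX);        /* reached only if execv failed */
    return 111;
}
```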

