[BusyBox] Busybox and setuid
rob at landley.net
Mon Aug 22 20:53:10 UTC 2005
On Monday 22 August 2005 14:14, Chris Kottaridis wrote:
> Maybe it's just the old sysadmin in me, but having to setuid root on
> busybox for a couple of commands that need it, and thus having all
> busybox commands run as setuid root, is just a bit scary.
> Is there a configuration option that will build me two busyboxes?
Nope. There used to be a separate package that had the stuff that needed root
(login and such), but it got folded in a while back.
On 3/17 I posted a message about the start of a "make standalone" that could
build busybox as a bunch of separate executables, possibly sharing a .so
file. But I have pathetic make-fu and nobody else ever picked up on it. (I
can make you a shell script that'll do it, of course... :)
> One built with all the non-setuid commands I need and all the
> appropriate symlinks to it, and the other, called say subusybox, with
> only the commands that setuid root built in it and links for that
> command set to subusybox instead of busybox. This way only subusybox
> would need to be setuid.
That's easy enough to do.
> I realize I could do two builds myself and make this happen, but was
> wondering if there is some automagical way to make this happen.
Not that I know of.
> Is there some alternative way to separate setuid commands out from the
> busybox non-setuid commands that I haven't thought of, short of just
> building non-busybox versions of the setuid root commands?
We have some infrastructure that drops root automatically for things that
don't need it, if you enable suid support. Happens before the applet itself
actually gets run, I believe. (Applets are tagged based on whether or not
they need root access in one of the .h files.)