>There is just one open question: What is the disadvantage or
>side-effect of setting busybox to be setuid?

Our appliance needed this stuff too, and rather than scrub
through busybox to see if making it suid was sufficiently
'safe', we just wrote a wrapper program that was itself
suid, and that chained in BB.  This program is what is
linked into the filesystem as su, login, ping, traceroute,
etc.  We called it suidexec.c, and it looks something like:

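#include <stdlib.h>   /* calloc */
#include <string.h>   /* strrchr */
#include <unistd.h>   /* execve */

int
main(int argc, char **argv, char **envp)
{
   int ii;
   char **nargv, *cp;

   /* Without a program name there is no applet to derive. */
   if (argc < 1 || argv[0] == NULL)
      return 1;

   /* One extra slot for the leading "busybox", one for the NULL. */
   nargv = calloc((ii=argc) + 2, sizeof *nargv);
   if (nargv == NULL)
      return 1;
   /* Shift argv up by one slot, terminating NULL included. */
   while (ii >= 0) {
      nargv[ii + 1] = argv[ii];
      ii--;
   }
   nargv[0] = "busybox";
   /* The applet name is the basename of the name we were invoked as. */
   if ((cp = strrchr(argv[0], '/')))
      nargv[1] = cp + 1;

   execve("/bin/busybox", nargv, envp);
   return 1;   /* only reached if execve failed */
}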

-- Jim

_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
