summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorEric Andersen <andersen@codepoet.org>2004-08-26 23:13:00 +0000
committerEric Andersen <andersen@codepoet.org>2004-08-26 23:13:00 +0000
commit138791050d36d221d718568094892245d7c6f6ec (patch)
tree24c9479dab9bc019f716093628a70e392b3c40cb
parent37ba6bfb6d7ff7287ecda14bb4906fa6de1e78c9 (diff)
Improve the setuid situation a bit, and make it more apparent
when people really ought to make busybox setuid root. -Erik
-rw-r--r--Makefile10
-rw-r--r--loginutils/Config.in16
-rw-r--r--miscutils/Config.in3
3 files changed, 29 insertions, 0 deletions
diff --git a/Makefile b/Makefile
index 8afd69863..29897ef4e 100644
--- a/Makefile
+++ b/Makefile
@@ -57,6 +57,16 @@ busybox.links: applets/busybox.mkll include/config.h
install: applets/install.sh busybox busybox.links
$(SHELL) $< $(PREFIX)
+ifeq ($(strip $(CONFIG_FEATURE_SUID)),y)
+ @echo
+ @echo
+ @echo --------------------------------------------------
+ @echo You will probably need to make your busybox binary
+ @echo setuid root to ensure all configured applets will
+ @echo work properly.
+ @echo --------------------------------------------------
+ @echo
+endif
uninstall: busybox.links
rm -f $(PREFIX)/bin/busybox
diff --git a/loginutils/Config.in b/loginutils/Config.in
index d9938b066..5619aa9af 100644
--- a/loginutils/Config.in
+++ b/loginutils/Config.in
@@ -69,9 +69,13 @@ config CONFIG_FEATURE_U_W_TMP
config CONFIG_LOGIN
bool "login"
default n
+ select CONFIG_FEATURE_SUID
help
login is used when signing onto a system.
+ Note that Busybox binary must be setuid root for this applet to
+ work properly.
+
config CONFIG_FEATURE_SECURETTY
bool " Support for /etc/securetty"
default y
@@ -84,19 +88,27 @@ config CONFIG_FEATURE_SECURETTY
config CONFIG_PASSWD
bool "passwd"
default n
+ select CONFIG_FEATURE_SUID
help
passwd changes passwords for user and group accounts. A normal user
may only change the password for his/her own account, the super user
may change the password for any account. The administrator of a group
may change the password for the group.
+ Note that Busybox binary must be setuid root for this applet to
+ work properly.
+
config CONFIG_SU
bool "su"
default n
+ select CONFIG_FEATURE_SUID
help
su is used to become another user during a login session.
Invoked without a username, su defaults to becoming the super user.
+ Note that Busybox binary must be setuid root for this applet to
+ work properly.
+
config CONFIG_SULOGIN
bool "sulogin"
default n
@@ -107,9 +119,13 @@ config CONFIG_SULOGIN
config CONFIG_VLOCK
bool "vlock"
default n
+ select CONFIG_FEATURE_SUID
help
Build the "vlock" applet which allows you to lock (virtual) terminals.
+ Note that Busybox binary must be setuid root for this applet to
+ work properly.
+
comment "Common options for adduser, deluser, login, su"
depends on CONFIG_ADDUSER || CONFIG_DELUSER || CONFIG_LOGIN || CONFIG_SU
diff --git a/miscutils/Config.in b/miscutils/Config.in
index 3c92c4674..77e13e84e 100644
--- a/miscutils/Config.in
+++ b/miscutils/Config.in
@@ -15,6 +15,7 @@ config CONFIG_ADJTIMEX
config CONFIG_CROND
bool "crond"
default n
+ select CONFIG_FEATURE_SUID
help
Crond is a background daemon that parses individual crontab
files and executes commands on behalf of the users in question.
@@ -23,6 +24,8 @@ config CONFIG_CROND
$ cat /var/spool/cron/crontabs/root
# Run daily cron jobs at 4:40 every day:
40 4 * * * /etc/cron/daily > /dev/null 2>&1
+ Note that Busybox binary must be setuid root for this applet to
+ work properly.
config CONFIG_FEATURE_CROND_CALL_SENDMAIL
bool " Using /usr/sbin/sendmail?"