diff options
author | Eric Andersen <andersen@codepoet.org> | 2004-08-26 23:13:00 +0000 |
---|---|---|
committer | Eric Andersen <andersen@codepoet.org> | 2004-08-26 23:13:00 +0000 |
commit | 138791050d36d221d718568094892245d7c6f6ec (patch) | |
tree | 24c9479dab9bc019f716093628a70e392b3c40cb | |
parent | 37ba6bfb6d7ff7287ecda14bb4906fa6de1e78c9 (diff) | |
download | busybox-138791050d36d221d718568094892245d7c6f6ec.tar.gz |
Improve the setuid situation a bit, and make it more apparent
when people really ought to make busybox setuid root.
-Erik
-rw-r--r-- | Makefile | 10 | ||||
-rw-r--r-- | loginutils/Config.in | 16 | ||||
-rw-r--r-- | miscutils/Config.in | 3 |
3 files changed, 29 insertions, 0 deletions
@@ -57,6 +57,16 @@ busybox.links: applets/busybox.mkll include/config.h install: applets/install.sh busybox busybox.links $(SHELL) $< $(PREFIX) +ifeq ($(strip $(CONFIG_FEATURE_SUID)),y) + @echo + @echo + @echo -------------------------------------------------- + @echo You will probably need to make your busybox binary + @echo setuid root to ensure all configured applets will + @echo work properly. + @echo -------------------------------------------------- + @echo +endif uninstall: busybox.links rm -f $(PREFIX)/bin/busybox diff --git a/loginutils/Config.in b/loginutils/Config.in index d9938b066..5619aa9af 100644 --- a/loginutils/Config.in +++ b/loginutils/Config.in @@ -69,9 +69,13 @@ config CONFIG_FEATURE_U_W_TMP config CONFIG_LOGIN bool "login" default n + select CONFIG_FEATURE_SUID help login is used when signing onto a system. + Note that Busybox binary must be setuid root for this applet to + work properly. + config CONFIG_FEATURE_SECURETTY bool " Support for /etc/securetty" default y @@ -84,19 +88,27 @@ config CONFIG_FEATURE_SECURETTY config CONFIG_PASSWD bool "passwd" default n + select CONFIG_FEATURE_SUID help passwd changes passwords for user and group accounts. A normal user may only change the password for his/her own account, the super user may change the password for any account. The administrator of a group may change the password for the group. + Note that Busybox binary must be setuid root for this applet to + work properly. + config CONFIG_SU bool "su" default n + select CONFIG_FEATURE_SUID help su is used to become another user during a login session. Invoked without a username, su defaults to becoming the super user. + Note that Busybox binary must be setuid root for this applet to + work properly. + config CONFIG_SULOGIN bool "sulogin" default n @@ -107,9 +119,13 @@ config CONFIG_SULOGIN config CONFIG_VLOCK bool "vlock" default n + select CONFIG_FEATURE_SUID help Build the "vlock" applet which allows you to lock (virtual) terminals. + Note that Busybox binary must be setuid root for this applet to + work properly. + comment "Common options for adduser, deluser, login, su" depends on CONFIG_ADDUSER || CONFIG_DELUSER || CONFIG_LOGIN || CONFIG_SU diff --git a/miscutils/Config.in b/miscutils/Config.in index 3c92c4674..77e13e84e 100644 --- a/miscutils/Config.in +++ b/miscutils/Config.in @@ -15,6 +15,7 @@ config CONFIG_ADJTIMEX config CONFIG_CROND bool "crond" default n + select CONFIG_FEATURE_SUID help Crond is a background daemon that parses individual crontab files and executes commands on behalf of the users in question. @@ -23,6 +24,8 @@ config CONFIG_CROND $ cat /var/spool/cron/crontabs/root # Run daily cron jobs at 4:40 every day: 40 4 * * * /etc/cron/daily > /dev/null 2>&1 + Note that Busybox binary must be setuid root for this applet to + work properly. config CONFIG_FEATURE_CROND_CALL_SENDMAIL bool " Using /usr/sbin/sendmail?" |