From: Phil Blundell <pb@pbcl.net>
To: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: qingtao.cao@windriver.com, openembedded-core@lists.openembedded.org
Subject: Re: [PATCH V2 9/9] tinylogin: remove recipe
Date: Mon, 17 Jun 2013 12:15:16 +0100
Message-ID: <1371467716.6580.23.camel@phil-desktop.brightsign>
In-Reply-To: <1371467178.20823.103.camel@ted>
On Mon, 2013-06-17 at 12:06 +0100, Richard Purdie wrote:
> The plan (and I believe what this series does) is to have two busybox
> binaries, one is suid (as small a subset as we really need) and the
> other is not and hence this hopefully goes some way to reassuring people
> about that.
Partly, but that's only half the problem. My recollection from when I
last looked at this is that it was actually quite straightforward to
convince yourself by inspection of the code that busybox is indeed
dropping setuid privs almost immediately for applets that don't need it,
so the risk of having things like /bin/cat unexpectedly running as
setuid is probably fairly low. (However, there are other minor reasons
why having the primary busybox binary as setuid is sometimes
inconvenient so I agree that splitting the setuid portions out makes
sense.)
What's harder, given the way that the code is structured, is to get a
clear view of which lines of source might end up being invoked by one of
the setuid applets and to determine whether this has changed from one
busybox release to the next.
p.
Thread overview: 18+ messages
2013-06-17 5:49 [PATCH V2 0/9] busybox miscellaneous fixes Qi.Chen
2013-06-17 5:49 ` [PATCH V2 1/9] busybox: remove the postinst part of the recipe Qi.Chen
2013-06-17 17:52 ` Otavio Salvador
2013-06-18 1:37 ` ChenQi
2013-06-18 12:06 ` Otavio Salvador
2013-06-17 5:49 ` [PATCH V2 2/9] busybox: add support for CONFIG_FEATURE_INDIVIDUAL Qi.Chen
2013-06-17 5:49 ` [PATCH V2 3/9] busybox: add a config fragment to enable login utilities Qi.Chen
2013-06-17 5:49 ` [PATCH V2 4/9] busybox: enable to list suid and non-suid app configs Qi.Chen
2013-06-17 5:49 ` [PATCH V2 5/9] busybox: add the ability to split the busybox binary Qi.Chen
2013-06-17 5:49 ` [PATCH V2 6/9] packagegroup-core-boot: use busybox as the default login manager Qi.Chen
2013-06-17 5:49 ` [PATCH V2 7/9] packagegroup-core-basic: set " Qi.Chen
2013-06-17 5:49 ` [PATCH V2 8/9] mingetty: lower the ALTERNATIVE_PRIORITY Qi.Chen
2013-06-17 5:49 ` [PATCH V2 9/9] tinylogin: remove recipe Qi.Chen
2013-06-17 10:17 ` Phil Blundell
2013-06-17 10:28 ` Richard Purdie
2013-06-17 10:59 ` Phil Blundell
2013-06-17 11:06 ` Richard Purdie
2013-06-17 11:15 ` Phil Blundell [this message]