From: Koen Kooi <k.kooi@student.utwente.nl>
To: Using the OpenEmbedded metadata to build Distributions
<openembedded-devel@openembedded.org>
Subject: Re: tinylogin vs. busybox
Date: Wed, 13 Feb 2008 16:06:07 +0100
Message-ID: <47B3075F.4000703@student.utwente.nl>
In-Reply-To: <200802131432.42455.mickey@vanille-media.de>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Michael 'Mickey' Lauer schreef:
| On Wednesday 13 February 2008 13:53:18 Koen Kooi wrote:
|> Michael 'Mickey' Lauer schreef:
|> | I just realized that we are still using tinylogin which has bugs and
|> | is dead.
|>
|> | Newer busybox releases contain all the functionality. Anyone know a
|> | compelling reason to keep using tinylogin as the default in task-base? If
|> | not, I'd like to switch to busybox (after changing its defconfig) soon.
|>
|> Using busybox as login requires it being setuid root, with all the nasty
|> security implications stemming from that.
|
| http://www.busybox.net/lists/busybox/2004-May/011551.html gives me the opinion
| that this is not a problem.
If that email is true, we could dump tinylogin, but frankly, I trust
busybox as far as I can throw a piano (and toybox as far as I can throw
a 21" crt) and SUID root binaries make my skin crawl, so we must be very
careful and do thorough tests before making this change.
The last thing we want is $bigcompany to blame OE for the exploitability
of their devices.
|> I don't think OE should force
|> people to only have one user ('root') on their systems, since that is
|> exactly what your proposed change would mean.
|
| I agree, but I don't see why using busybox login would limit us to root-only.
| Care to give more details?
The way busybox worked before is that *any* busybox applet is SUID root,
which means 'vi' and 'passwd' are as well, which in practice means there
is only one user: root.
| Besides, I think using something old and dead as tinylogin with known bugs is
| more of a security problem than setuid root busybox...
That depends on what those bugs are, I can't do more than handwaving
about one being less secure than the other without that knowledge.
regards,
Koen
- --
koen@dominion.kabel.utwente.nl will go away in december 2007, please
use k.kooi@student.utwente.nl instead.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
iD8DBQFHswdfMkyGM64RGpERAhIXAJ9+ve//TgUn/U7ZFYUmNaqitAY+bwCfY4pF
JPmlPuPhBdvndxlqzveWVaE=
=nTlr
-----END PGP SIGNATURE-----
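The check the message above is asking for, as an added example that is not part of the original thread and not code from OpenEmbedded or busybox: a rootfs audit that finds every setuid binary in an image tree and lists each symlink that resolves to it, so that with a setuid /bin/busybox the output makes visible that vi, passwd and the rest all inherit the bit. The function names, the helper that fails a build, and the fixture layout are my own assumptions; it relies only on POSIX sh and a find(1) that supports -L and the widely available -samefile extension.

```shell
#!/bin/sh
# Added example, not from the original thread or from OpenEmbedded/busybox.
# Audit a root filesystem tree: find setuid regular files and print every
# symlink in the tree that resolves to one of them. On a busybox rootfs
# whose /bin/busybox is setuid root, each applet link shows up here.
# Assumes POSIX sh plus find(1) with -L and the common -samefile extension.

# Print one "LINK -> SETUID_BINARY" line per symlink in ROOT whose target
# is a setuid regular file inside ROOT.
audit_setuid_applets() {
    root=$1
    # -perm -4000: setuid bit set; -type f: regular files only
    find "$root" -type f -perm -4000 | while IFS= read -r bin; do
        # -L makes find follow symlinks, so -samefile matches the links
        # pointing at $bin; the binary's own path is excluded.
        find -L "$root" -samefile "$bin" ! -path "$bin" | while IFS= read -r link; do
            printf '%s -> %s\n' "$link" "$bin"
        done
    done
}

# Number of links that inherit a setuid bit (useful as a build-time gate).
count_setuid_applets() {
    audit_setuid_applets "$1" | wc -l | tr -d ' '
}

# Succeed only when no link in the tree resolves to a setuid binary, so an
# image build can fail loudly instead of shipping a privileged vi.
check_no_setuid_applets() {
    [ "$(count_setuid_applets "$1")" -eq 0 ]
}

# Stand-alone usage: sh audit.sh /path/to/rootfs
if [ -n "${1:-}" ]; then
    audit_setuid_applets "$1"
fi
```

Two caveats a practitioner will hit. Absolute symlinks inside an image (a link to /bin/busybox) resolve against the host when the image is only extracted into a directory, so run the audit from inside the mounted or chrooted image, or on images that use relative links. And the list says what inherits the setuid bit, not what keeps it: whether a listed applet is actually dangerous depends on whether the multi-call binary drops privileges before running that applet, which is what busybox's FEATURE_SUID build option is for, so the audit output is the starting point for the "thorough tests" the message asks for, not the verdict.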
Thread overview (8+ messages):
2008-02-13 12:40 tinylogin vs. busybox Michael 'Mickey' Lauer
2008-02-13 12:53 ` Koen Kooi
2008-02-13 13:32 ` Michael 'Mickey' Lauer
2008-02-13 15:06 ` Koen Kooi [this message]
2008-02-13 15:48 ` pHilipp Zabel
2008-02-15 11:46 ` Michael 'Mickey' Lauer
2008-02-15 12:25 ` Sergey Lapin
Loose matches on Subject:
2008-02-15 12:41 Mark Gollahon