/etc/busybox.conf confusion [secutiry?]

Jan Evert van Grootheest Jan-Evert.van.Grootheest at Vialis.nl
Tue May 1 01:16:44 PDT 2007

	> Tito, others,
	> 
	> Sorry about this, but those su and passwd comments were with my initial
	> patch applied.
	> 
	> With original code, it is easiest to demonstrate using 'cat
	> /proc/self/status' with a suid root bbox and as a regular user. Try both
	> with cat in bbox.conf as xxx and cat not present in bbox.conf.
	> When cat is present as xxx, privileges are not dropped.
	> 
	> I ran into this because my environment had ash and sh as ssx in
	> bbox.conf. Which I changed to xxx. And then still did not have proper
	> uids/gids.
	> 
	> -- Jan Evert

	Hi,

	mv busybox /bin/busybox
	chown 0.0 /bin/busybox
	chmod 4755 /bin/busybox

	1) not in busybox.conf:
	as normal user /bin/busybox cat /proc/self/status does not work

Eh? For me (1.4.1 and patches) it works just fine if cat is not in
bbox.conf.

Dumb question of the day... what are the permissions to your
/etc/busybox.conf?


	2) in busybox.conf
	2a) as normal user and cat = ssx 0.0 in busybox.conf
	/bin/busybox cat /proc/self/status works

	Name: busybox
	State: R (running)
	SleepAVG: 88%
	Tgid: 6937
	Pid: 6937
	PPid: 6416
	TracerPid: 0
	Uid: 1000 0 0 0
	Gid: 1000 1000 1000 1000

Given the ssx, this result is somewhat expected, except that I would
expect gid to be '1000 0 0 0'? It seems that bbox actually did sxx.

	2b) as normal user and cat = xxx 0.0 in busybox.conf
	/bin/busybox cat /proc/self/status does not work

	if in [SUID] stanza alphabetical order is respected:

	[SUID]
	cat = xxx 0.0
	passwd = ssx 0.0
	# applet su can be run by anyone and runs with euid=0/egid=0
	su = ssx root.0
	# applet su can be run by anyone and runs with euid=0/egid=0

	2c) as normal user and cat = xxx 0.0 in busybox.conf it works
	/bin/busybox cat /proc/self/status works

	if in [SUID] stanza alphabetical order is not respected:

	[SUID]
	passwd = ssx 0.0
	# applet su can be run by anyone and runs with euid=0/egid=0
	su = ssx root.0
	# applet su can be run by anyone and runs with euid=0/egid=0
	cat = xxx 0.0

	Name: busybox
	State: R (running)
	SleepAVG: 58%
	Tgid: 6953
	Pid: 6953
	PPid: 6416
	TracerPid: 0
	Uid: 1000 0 0 0
	Gid: 1000 1000 1000 1000

	Seems that there is really something wrong here....

	IMHO check_suid and parse_config_file should be totally rewritten,
	the first to make it more readable and the second to reduce the
	bloat as most of its features are unused at the moment.

As for the ordering... my bbox.conf appears to be in the same order as
the applets are in 'make menuconfig'. But that's just an impression. At
least the applets are grouped according to the submenus in make
menuconfig. And within the grouping they are alphabetically ordered.

-- Jan Evert

PS: sorry if Outlook makes a mess of this mail. I don't know how to make
it behave. It seems impossible. 
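The [SUID] stanza semantics and the /proc/self/status checks discussed in this thread, as an added Python example that is not part of the mail or of BusyBox's own code: it parses the two stanza orderings from the thread, computes the ids an entry should yield under a simplified model (first mode character 's' means setuid to the named user, second 's' means setgid to the named group, anything else means run with the caller's own ids; only numeric ids and "root" are resolved), and compares them with the effective ids read from a constructed /proc/self/status excerpt that mirrors the output quoted above. The config texts, the status excerpt and the function names are all constructed for this example.

```python
import re

# Constructed [SUID] stanzas: the same entries in the two orderings tried in the thread.
COMMON = ["passwd = ssx 0.0", "# applet su can be run by anyone and runs with euid=0/egid=0", "su = ssx root.0"]
CONF_ALPHABETICAL = "[SUID]\n" + "\n".join(["cat = xxx 0.0"] + COMMON) + "\n"
CONF_CAT_LAST = "[SUID]\n" + "\n".join(COMMON + ["cat = xxx 0.0"]) + "\n"
# Constructed /proc/self/status excerpt mirroring the thread's output: real uid 1000, euid 0, egid 1000.
STATUS_AS_USER_1000 = "Name:\tbusybox\nUid:\t1000\t0\t0\t0\nGid:\t1000\t1000\t1000\t1000\n"

ENTRY_RE = re.compile(r"^(\w+)\s*=\s*([sSx-]{3})\s+(\w+)\.(\w+)$")
_resolve = lambda name: 0 if name == "root" else int(name)  # simplified: numeric ids or "root" only

def parse_suid_stanza(text):
    """Return {applet: (mode, user, group)} from the [SUID] stanza; order in the file must not matter."""
    entries, in_suid = {}, False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and surrounding whitespace
        if not line:
            continue
        if line.startswith("["):
            in_suid = line.lower() == "[suid]"  # only the [SUID] stanza carries mode entries
            continue
        m = ENTRY_RE.match(line)
        if in_suid and m:
            entries[m.group(1)] = m.group(2, 3, 4)
    return entries

def expected_ids(entry, real_uid, real_gid):
    """(euid, egid) an entry should yield: first 's' = setuid to user, second 's' = setgid to group."""
    mode, user, group = entry
    euid = _resolve(user) if mode[0] in "sS" else real_uid
    egid = _resolve(group) if mode[1] in "sS" else real_gid
    return euid, egid

def observed_ids(status_text):
    """Effective uid/gid (second field of the Uid:/Gid: lines) from a /proc/<pid>/status dump."""
    ids = {}
    for line in status_text.splitlines():
        key, _, rest = line.partition(":")
        if key in ("Uid", "Gid"):
            ids[key] = int(rest.split()[1])
    return ids["Uid"], ids["Gid"]

def privileges_consistent(conf_text, applet, status_text, real_uid, real_gid):
    """True when the ids the applet actually ran with match what its [SUID] entry allows."""
    entry = parse_suid_stanza(conf_text)[applet]
    return expected_ids(entry, real_uid, real_gid) == observed_ids(status_text)
```

With the thread's output (euid 0 while cat is configured as xxx), privileges_consistent returns False for cat, which is exactly the "privileges are not dropped" symptom; the same call also flags the ssx entries because egid stayed 1000 instead of becoming 0.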