[PATCH 1/2] Allow BusyBox to be built without a list of applet names
Aaro Koskinen
aaro.koskinen at iki.fi
Sat Apr 30 13:24:38 UTC 2016
Hi,
On Sat, Apr 30, 2016 at 08:58:46AM -0400, Jody Lee Bruchon wrote:
> On April 30, 2016 8:39:24 AM EDT, Andreas Oberritter <obi at opendreambox.org> wrote:
> >Even worse, consider a busybox binary that someone expects to contain a
> >real command like cat or hexdump, which it doesn't. The colliding hash
> >of this command could map to a command that accepts the same
> >command-line arguments but destroys data, like mkfs.* or rm.
> >
> >Still even worse, without the list of applet names included in the
> >binary, you can't make sure that the applet you're calling actually
> >exists without dissecting the binary.
> >
> >Btw., invalid symlinks of e.g. previous installations of busybox might
> >exist in the filesystem. I've seen that in real products. And I've also
> >seen scripts call "busybox $cmd" directly many times before.
>
> This problem can be avoided at compile time by hashing all possible
> applet names in BusyBox and checking for collisions.
You would need to check all possible future applet names as well...
A.
More information about the busybox
mailing list