|
»
« Return to Thread: Using fallback suid method
Re: Using fallback suid method
by Neil Shephard
::
Rate this Message:
--- In nslu2-linux@..., "Mike Westerhof (mwester)" <mwester@...> wrote:
>
> Corneliu Doban wrote:
> > Hi,
> >
> > I'm getting the following message every time I login on the SugOS 5.3: Using fallback suid method.
>
> This was discussed on the mailing list earlier -- search the archives on
> yahoo and you should find the details. It's a busybox thing, and IIRC
> one simply has to create a file in /etc with the appropriate suid
> information (an empty file is all it needs to behave like a normal Linux
> system).
>
> Of course, if you check the busybox website and archives for info on
> this feature, you might find that feature to be useful (I thought it
> might be, which is why it's enabled in the first place (although it
> would have been nice if the default image had the config file created,
> at least as an empty file)).
>
I've just encountered this in my upgrade to 5.3 after having created a new user account (messages reported when first logging in).
I searched the nslu2-linux archives (on nabble and yahoo and couldn't find anything other than this) and busybox archives and found this pointer --> http://lists.busybox.net/pipermail/busybox/2003-November/009851.html
Downloaded the source and 'make menuconfig' to get into the help which reads as follows (posting here so that the solution can, hopefully, be found in the archives here)...
CONFIG_FEATURE_SUID_CONFIG:
Allow the SUID / SGID state of an applet to be determined at runtime
by checking /etc/busybox.conf. (This is sort of a poor man's sudo.)
The format of this file is as follows:
<applet> = [Ssx-][Ssx-][x-] (<username>|<uid>).(<groupname>|<gid>)
An example might help:
[SUID]
su = ssx root.0 # applet su can be run by anyone and runs with
# euid=0/egid=0
su = ssx # exactly the same
│
mount = sx- root.disk # applet mount can be run by root and members
# of group disk and runs with euid=0
cp = --- # disable applet cp for everyone
The file has to be owned by user root, group root and has to be
writeable only by root:│
(chown 0.0 /etc/busybox.conf; chmod 600 /etc/busybox.conf)
The busybox executable has to be owned by user root, group
root and has to be setuid root for this to work:
(chown 0.0 /bin/busybox; chmod 4755 /bin/busybox)
Robert 'sandman' Griebl has more information here:
<url: http://www.softforge.de/bb/suid.html >.
I created the file (leaving it blank) and changed ownership and permissions as per above instructions, but no joy (yet), haven't tried rebooting yet though (will have to wait till I get home). Will update if I get it resolved.
Neil
>
> Corneliu Doban wrote:
> > Hi,
> >
> > I'm getting the following message every time I login on the SugOS 5.3: Using fallback suid method.
>
> This was discussed on the mailing list earlier -- search the archives on
> yahoo and you should find the details. It's a busybox thing, and IIRC
> one simply has to create a file in /etc with the appropriate suid
> information (an empty file is all it needs to behave like a normal Linux
> system).
>
> Of course, if you check the busybox website and archives for info on
> this feature, you might find that feature to be useful (I thought it
> might be, which is why it's enabled in the first place (although it
> would have been nice if the default image had the config file created,
> at least as an empty file)).
>
I've just encountered this in my upgrade to 5.3 after having created a new user account (messages reported when first logging in).
I searched the nslu2-linux archives (on nabble and yahoo and couldn't find anything other than this) and busybox archives and found this pointer --> http://lists.busybox.net/pipermail/busybox/2003-November/009851.html
Downloaded the source and 'make menuconfig' to get into the help which reads as follows (posting here so that the solution can, hopefully, be found in the archives here)...
CONFIG_FEATURE_SUID_CONFIG:
Allow the SUID / SGID state of an applet to be determined at runtime
by checking /etc/busybox.conf. (This is sort of a poor man's sudo.)
The format of this file is as follows:
<applet> = [Ssx-][Ssx-][x-] (<username>|<uid>).(<groupname>|<gid>)
An example might help:
[SUID]
su = ssx root.0 # applet su can be run by anyone and runs with
# euid=0/egid=0
su = ssx # exactly the same
│
mount = sx- root.disk # applet mount can be run by root and members
# of group disk and runs with euid=0
cp = --- # disable applet cp for everyone
The file has to be owned by user root, group root and has to be
writeable only by root:│
(chown 0.0 /etc/busybox.conf; chmod 600 /etc/busybox.conf)
The busybox executable has to be owned by user root, group
root and has to be setuid root for this to work:
(chown 0.0 /bin/busybox; chmod 4755 /bin/busybox)
Robert 'sandman' Griebl has more information here:
<url: http://www.softforge.de/bb/suid.html >.
I created the file (leaving it blank) and changed ownership and permissions as per above instructions, but no joy (yet), haven't tried rebooting yet though (will have to wait till I get home). Will update if I get it resolved.
Neil
« Return to Thread: Using fallback suid method
| Free embeddable forum powered by Nabble | Forum Help |
