[maemo-users] Missing OS2008 cmdline apps (was Re: how to install OS2007?)

[From: Marius Gedminas]

On Fri, Jan 04, 2008 at 02:33:41AM -0800, James Sparenberg wrote:
> On Wednesday 02 January 2008 06:07:47 Marius Gedminas wrote:
> > On Tue, Jan 01, 2008 at 11:42:01PM -0800, James Sparenberg wrote:
> > > Hendrik,
> > >
> > >   Actually ping requires root on all systems.   Since in order to
> > > do icmp you need to put the nic into a different mode than it
> > > runs in normally.  The way it is normally done on every other
> > > linux distro is to do (as root)
> > >
> > > chmod u+s /usr/bin/ping   (or /bin/ping on busybox enabled
> > > systems)
> > >
> > > This will, yes, set ping as setuid root.  If you look at any
> > > other Linux you see that they all run ping setuid root.
> >
> > If you do that with /bin/ping on busybox-enabled systems, it will
> > set *all* busybox utils (including /bin/sh) setuid root.
> >
> > Gun. Foot. Safety off.
> >
> > Good luck,
> > Marius Gedminas
> 
> Marius,
> 
>    Yes it would seem so, and I expected it to happen,  but if you do 
> chmod u+s /bin/ping ... a normal user can run ping.  But then if you 
> turn around and do  (after the chmod) 
> 
> cat /etc/sudoers 
> 
> As an unprivileged user ... it will give you a permission denied. 

You're right, busybox has special support for suid and drops privileges
for applets that aren't supposed to be suid.  This is cool, I didn't
know about it.  Make sense when I notice /bin/su is a symlink to
busybox.  Although I'm not sure then why busybox is not suid root by
default.

Marius Gedminas
-- 
Only great masters of style can succeed in being obtuse.
                -- Oscar Wilde

Most UNIX programmers are great masters of style.
                -- The Unnamed Usenetter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.maemo.org/pipermail/maemo-users/attachments/20080105/79c08172/attachment.pgp