From 7b305646e12536e9aa62d2768d48bf2d2d78caa5 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Sun, 9 Jan 2011 21:54:50 +0100
Subject: [PATCH] stop giving root rights to dnsd, ipcrm, ipcs

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
---
 include/applets.src.h | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/include/applets.src.h b/include/applets.src.h
index 261ef2333..691e097c1 100644
--- a/include/applets.src.h
+++ b/include/applets.src.h
@@ -118,8 +118,7 @@ IF_DHCPRELAY(APPLET(dhcprelay, _BB_DIR_USR_SBIN, _BB_SUID_DROP))
 IF_DIFF(APPLET(diff, _BB_DIR_USR_BIN, _BB_SUID_DROP))
 IF_DIRNAME(APPLET_NOFORK(dirname, dirname, _BB_DIR_USR_BIN, _BB_SUID_DROP, dirname))
 IF_DMESG(APPLET(dmesg, _BB_DIR_BIN, _BB_SUID_DROP))
-/* Why _BB_SUID_REQUIRE? */
-IF_DNSD(APPLET(dnsd, _BB_DIR_USR_SBIN, _BB_SUID_REQUIRE))
+IF_DNSD(APPLET(dnsd, _BB_DIR_USR_SBIN, _BB_SUID_DROP))
 IF_HOSTNAME(APPLET_ODDNAME(dnsdomainname, hostname, _BB_DIR_BIN, _BB_SUID_DROP, dnsdomainname))
 IF_DOS2UNIX(APPLET_NOEXEC(dos2unix, dos2unix, _BB_DIR_USR_BIN, _BB_SUID_DROP, dos2unix))
 IF_DPKG(APPLET(dpkg, _BB_DIR_USR_BIN, _BB_SUID_DROP))
@@ -198,10 +197,8 @@ IF_IP(APPLET(ip, _BB_DIR_BIN, _BB_SUID_DROP))
 #endif
 IF_IPADDR(APPLET(ipaddr, _BB_DIR_BIN, _BB_SUID_DROP))
 IF_IPCALC(APPLET(ipcalc, _BB_DIR_BIN, _BB_SUID_DROP))
-/* Why _BB_SUID_REQUIRE? On Fedora, it isn't suid root */
-IF_IPCRM(APPLET(ipcrm, _BB_DIR_USR_BIN, _BB_SUID_REQUIRE))
-/* Why _BB_SUID_REQUIRE? On Fedora, it isn't suid root */
-IF_IPCS(APPLET(ipcs, _BB_DIR_USR_BIN, _BB_SUID_REQUIRE))
+IF_IPCRM(APPLET(ipcrm, _BB_DIR_USR_BIN, _BB_SUID_DROP))
+IF_IPCS(APPLET(ipcs, _BB_DIR_USR_BIN, _BB_SUID_DROP))
 IF_IPLINK(APPLET(iplink, _BB_DIR_BIN, _BB_SUID_DROP))
 IF_IPROUTE(APPLET(iproute, _BB_DIR_BIN, _BB_SUID_DROP))
 IF_IPRULE(APPLET(iprule, _BB_DIR_BIN, _BB_SUID_DROP))