mirror of
https://github.com/sheumann/hush.git
synced 2024-12-21 23:29:34 +00:00
Improve the setuid situation a bit, and make it more apparent
when people really ought to make busybox setuid root. -Erik
This commit is contained in:
parent
37ba6bfb6d
commit
138791050d
10
Makefile
10
Makefile
@ -57,6 +57,16 @@ busybox.links: applets/busybox.mkll include/config.h
|
||||
|
||||
install: applets/install.sh busybox busybox.links
|
||||
$(SHELL) $< $(PREFIX)
|
||||
ifeq ($(strip $(CONFIG_FEATURE_SUID)),y)
|
||||
@echo
|
||||
@echo
|
||||
@echo --------------------------------------------------
|
||||
@echo You will probably need to make your busybox binary
|
||||
@echo setuid root to ensure all configured applets will
|
||||
@echo work properly.
|
||||
@echo --------------------------------------------------
|
||||
@echo
|
||||
endif
|
||||
|
||||
uninstall: busybox.links
|
||||
rm -f $(PREFIX)/bin/busybox
|
||||
|
@ -69,9 +69,13 @@ config CONFIG_FEATURE_U_W_TMP
|
||||
config CONFIG_LOGIN
|
||||
bool "login"
|
||||
default n
|
||||
select CONFIG_FEATURE_SUID
|
||||
help
|
||||
login is used when signing onto a system.
|
||||
|
||||
Note that Busybox binary must be setuid root for this applet to
|
||||
work properly.
|
||||
|
||||
config CONFIG_FEATURE_SECURETTY
|
||||
bool " Support for /etc/securetty"
|
||||
default y
|
||||
@ -84,19 +88,27 @@ config CONFIG_FEATURE_SECURETTY
|
||||
config CONFIG_PASSWD
|
||||
bool "passwd"
|
||||
default n
|
||||
select CONFIG_FEATURE_SUID
|
||||
help
|
||||
passwd changes passwords for user and group accounts. A normal user
|
||||
may only change the password for his/her own account, the super user
|
||||
may change the password for any account. The administrator of a group
|
||||
may change the password for the group.
|
||||
|
||||
Note that Busybox binary must be setuid root for this applet to
|
||||
work properly.
|
||||
|
||||
config CONFIG_SU
|
||||
bool "su"
|
||||
default n
|
||||
select CONFIG_FEATURE_SUID
|
||||
help
|
||||
su is used to become another user during a login session.
|
||||
Invoked without a username, su defaults to becoming the super user.
|
||||
|
||||
Note that Busybox binary must be setuid root for this applet to
|
||||
work properly.
|
||||
|
||||
config CONFIG_SULOGIN
|
||||
bool "sulogin"
|
||||
default n
|
||||
@ -107,9 +119,13 @@ config CONFIG_SULOGIN
|
||||
config CONFIG_VLOCK
|
||||
bool "vlock"
|
||||
default n
|
||||
select CONFIG_FEATURE_SUID
|
||||
help
|
||||
Build the "vlock" applet which allows you to lock (virtual) terminals.
|
||||
|
||||
Note that Busybox binary must be setuid root for this applet to
|
||||
work properly.
|
||||
|
||||
comment "Common options for adduser, deluser, login, su"
|
||||
depends on CONFIG_ADDUSER || CONFIG_DELUSER || CONFIG_LOGIN || CONFIG_SU
|
||||
|
||||
|
@ -15,6 +15,7 @@ config CONFIG_ADJTIMEX
|
||||
config CONFIG_CROND
|
||||
bool "crond"
|
||||
default n
|
||||
select CONFIG_FEATURE_SUID
|
||||
help
|
||||
Crond is a background daemon that parses individual crontab
|
||||
files and executes commands on behalf of the users in question.
|
||||
@ -23,6 +24,8 @@ config CONFIG_CROND
|
||||
$ cat /var/spool/cron/crontabs/root
|
||||
# Run daily cron jobs at 4:40 every day:
|
||||
40 4 * * * /etc/cron/daily > /dev/null 2>&1
|
||||
Note that Busybox binary must be setuid root for this applet to
|
||||
work properly.
|
||||
|
||||
config CONFIG_FEATURE_CROND_CALL_SENDMAIL
|
||||
bool " Using /usr/sbin/sendmail?"
|
||||
|
Loading…
Reference in New Issue
Block a user