disable automatic selection of FEATURE_SUID; improve its help text

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

diff --git a/Config.in b/Config.in
index 140572e..1109b10 100644 (file)
--- a/Config.in
+++ b/Config.in
@@ -328,10 +328,18 @@ config FEATURE_SUID
          symlinks pointing to each binary), and only set the suid bit on the
          one that needs it.
 
-         The applets currently marked to need the suid bit are:
-
-         crontab, dnsd, findfs, ipcrm, ipcs, login, passwd, ping, su,
-         traceroute, vlock.
+         The applets which require root rights (need suid bit or
+         to be run by root) and will refuse to execute otherwise:
+         crontab, login, passwd, su, vlock, wall.
+
+         The applets which will use root rights if they have them
+         (via suid bit, or because run by root), but would try to work
+         without root right nevertheless:
+         findfs, ping[6], traceroute[6], mount.
+
+         Note that if you DONT select this option, but DO make busybox
+         suid root, ALL applets will run under root, which is a huge
+         security hole (think "cp /some/file /etc/passwd").
 
 config FEATURE_SUID_CONFIG
        bool "Runtime SUID/SGID configuration via /etc/busybox.conf"

diff --git a/include/applets.src.h b/include/applets.src.h
index 691e097..2481fe6 100644 (file)
--- a/include/applets.src.h
+++ b/include/applets.src.h
@@ -18,6 +18,8 @@ s     - suid type:
         _BB_SUID_MAYBE: neither of the above
         (every instance of _BB_SUID_REQUIRE and _BB_SUID_MAYBE
         needs to be justified in comment)
+        NB: please update FEATURE_SUID help text whenever you add/remove
+        _BB_SUID_REQUIRE or _BB_SUID_MAYBE applet.
 */
 
 #if defined(PROTOTYPES)

diff --git a/loginutils/Config.src b/loginutils/Config.src
index 8158bce..4c771bb 100644 (file)
--- a/loginutils/Config.src
+++ b/loginutils/Config.src
@@ -186,7 +186,6 @@ config GETTY
 config LOGIN
        bool "login"
        default y
-       select FEATURE_SUID
        select FEATURE_SYSLOG
        help
          login is used when signing onto a system.
@@ -229,7 +228,6 @@ config FEATURE_SECURETTY
 config PASSWD
        bool "passwd"
        default y
-       select FEATURE_SUID
        select FEATURE_SYSLOG
        help
          passwd changes passwords for user and group accounts. A normal user
@@ -265,7 +263,6 @@ config CHPASSWD
 config SU
        bool "su"
        default y
-       select FEATURE_SUID
        select FEATURE_SYSLOG
        help
          su is used to become another user during a login session.
@@ -295,7 +292,6 @@ config SULOGIN
 config VLOCK
        bool "vlock"
        default y
-       select FEATURE_SUID
        help
          Build the "vlock" applet which allows you to lock (virtual) terminals.
 

diff --git a/miscutils/Config.src b/miscutils/Config.src
index 4912daf..da52e14 100644 (file)
--- a/miscutils/Config.src
+++ b/miscutils/Config.src
@@ -170,7 +170,6 @@ config FEATURE_CROND_DIR
 config CRONTAB
        bool "crontab"
        default y
-       select FEATURE_SUID
        help
          Crontab manipulates the crontab for a particular user. Only
          the superuser may specify a different user and/or crontab directory.

diff --git a/util-linux/Config.src b/util-linux/Config.src
index dbf2b0d..941a47f 100644 (file)
--- a/util-linux/Config.src
+++ b/util-linux/Config.src
@@ -361,7 +361,6 @@ config FEATURE_HWCLOCK_ADJTIME_FHS
 config IPCRM
        bool "ipcrm"
        default y
-       select FEATURE_SUID
        help
          The ipcrm utility allows the removal of System V interprocess
          communication (IPC) objects and the associated data structures
@@ -371,7 +370,6 @@ config IPCS
        bool "ipcs"
        default y
        depends on PLATFORM_LINUX
-       select FEATURE_SUID
        help
          The ipcs utility is used to provide information on the currently
          allocated System V interprocess (IPC) objects in the system.