summaryrefslogtreecommitdiff
path: root/libbb/change_identity.c
AgeCommit message (Collapse)Author
2015-05-12libbb: Enable support for !CONFIG_MULTIUSERDaniel Thompson
Linux recently gained a new config option, CONFIG_MULTIUSER, that makes support for non-root users optional. This results in a number of syscalls being disabled: setuid, setregid, setgid, setreuid, setresuid, getresuid, setresgid, getresgid, setgroups, getgroups, setfsuid, setfsgid, capget, capset. Currently a number of busybox applets, including login, struggle to run when CONFIG_MULTIUSER is disabled. Even the root user is unable to login: login: can't set groups: Functi This patch adds code to make change_identity() a nop on single user systems. It works by recognising the signature errno value (ENOSYS, due to the system calls being disabled) and, to avoid security risks, only deploys when the current uid and target uid is the same. After the patch is applied any attempt to switch to a non-root user will fail. Thus a badly configured userspace (for example, one that tries to start a daemon as a non-root user when the kernel cannot support this) will report errors as one would expect. Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2008-06-27*: introduce and use FAST_FUNC: regparm on i386, otherwise no-onDenis Vlasenko
text data bss dec hex filename 808035 611 6868 815514 c719a busybox_old 804472 611 6868 811951 c63af busybox_unstripped
2008-03-20inetd: use change_identity().Denis Vlasenko
libbb: shrink our internal initgroups(). httpd: remove stray 'else' and 'index_page = "index.html"' function old new delta httpd_main 750 743 -7 inetd_main 2033 2011 -22 bb_internal_initgroups 251 228 -23 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 0/3 up/down: 0/-52) Total: -52 bytes
2008-03-12crond: make it NOMMU-capableDenis Vlasenko
function old new delta safe_setenv4 - 62 +62 ForkJob 472 511 +39 change_identity 21 57 +36 ParseField 564 571 +7 SynchronizeDir 178 176 -2 LogLevel 4 - -4 LogFile 4 - -4 FileBase 4 - -4 DebugOpt 4 - -4 CDir 4 - -4 DeleteFile 141 132 -9 packed_usage 24248 24228 -20 crondlog 157 113 -44 change_identity_e2str 54 - -54 SynchronizeFile 729 671 -58 crond_main 1555 1404 -151 ------------------------------------------------------------------------------ (add/remove: 1/6 grow/shrink: 3/6 up/down: 144/-358) Total: -214 bytes
2007-10-01'simple' error message functions by Loic Grenie <loic.grenie@gmail.com>.Denis Vlasenko
263 bytes saved.
2006-10-31login: re-enable Ctrl-^C before execing shell.Denis Vlasenko
2006-09-08login: style fixesDenis Vlasenko
2006-07-16Cleaup read() and write() variants, plus a couple of new functions likeRob Landley
xlseek and fdlength() for the new mkswap.
2003-09-03more crond+crontab integrating with loginutil libbb functions and deletedGlenn L McGrath
patch from Thomas Gleixner to init. Viodz last_patch_108
2003-03-19Major coreutils update.Manuel Novoa III
2002-06-23Port over the last of the tinylogin appletsEric Andersen
-Erik