[oe] tinylogin vs. busybox
Koen Kooi
k.kooi at student.utwente.nl
Wed Feb 13 12:53:18 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Michael 'Mickey' Lauer schreef:
| I just realized that we are still using tinylogin which has bugs and
is dead.
| Newer busybox releases contain all the functionality. Anyone know a
| compelling reason to keep using tinylogin as the default in task-base? If
| not, I'd like to switch to busybox (after changing its defconfig) soon.
Using busybox as login requires it being setuid root, with all the nasty
security implications stemming from that. I don't think OE should force
people to only have one user ('root') on their systems, since that is
exactly what your proposed change would mean.
However, I have no objection to enabling login functionality in busybox.
So:
* keep tinylogin
* don't make busybox setuid root
* update defconfig
regards,
Koen
- --
koen at dominion.kabel.utwente.nl will go go away in december 2007, please
use k.kooi at student.utwente.nl instead.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
iD8DBQFHsug+MkyGM64RGpERAihfAKCn2Vlva94cL6G/+eYLezttWkhADwCfYtgC
s8GPomq+b0MqLThl2ZVjxUQ=
=t8V1
-----END PGP SIGNATURE-----
More information about the Openembedded-devel
mailing list