[oe] tinylogin vs. busybox

Wed Feb 13 15:06:07 UTC 2008

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

If that email is true, we could dump tinylogin, but frankly, I trust
busybox as far as I can throw a piano (and toybox as far as I can throw
a 21" crt) and SUID root binaries make my skin crawl, so we must be very
carefull and do thorough tests before making this change.
The last thing we want is $bigcompany to blame OE for the exploitabilty
of their devices.

|> I don't think OE should force
|> people to only have one user ('root') on their systems, since that is
|> exactly what your proposed change would mean.
|
| I agree, but I don't see why using busybox login would limit us to
root-only.
| Care to give more details?

The way busybox worked before is that *any* busybox applet is SUID root,
which means 'vi' and 'passwd' are as well, which in practice means there
is only one user: root.

| Besides, I think using something old and dead as tinylogin with known
bugs is
| more of a security problem than setuid root busybox...

That depends on what those bugs are, I can't do more than handwaving
about one being less secure as the other without that knowledge.

regards,

Koen

- --
koen at dominion.kabel.utwente.nl will go go away in december 2007, please
use k.kooi at student.utwente.nl instead.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)

iD8DBQFHswdfMkyGM64RGpERAhIXAJ9+ve//TgUn/U7ZFYUmNaqitAY+bwCfY4pF
JPmlPuPhBdvndxlqzveWVaE=
=nTlr
-----END PGP SIGNATURE-----