[oe] TinyLogin

[Holger Schurig]

> > And maybe it should be deprecated as well. With Busybox
> > 1.13.3 you won't need TinyLogin at all.
>
> You do if you don't want busybox to run setuid root.

Is this a problem?  After all, busybox can drop priviledges:

-------------------------------
CONFIG_FEATURE_SUID

With this option you can install the busybox binary belonging to 
root with the suid bit set, and it will automatically drop 
priviledges for applets that don't need root access.
-------------------------------

The text goes further in case you don't trust busybox' auto-drop 
capability:

-------------------------------
If you are really paranoid and don't want to do this, build two 
busybox binaries with different applets in them (and the 
appropriate symlinks pointing to each binary), and only set the 
suid bit on the one that needs it. The applets currently marked 
to need the suid bit are:

crontab, dnsd, findfs, ipcrm, ipcs, login, passwd, ping, su,
traceroute, vlock.
----------------------------------


So, the paranoid thinking would make a tinylogin_1.13_3.bb file, 
which has busybox 1.13.3 in it's SRC_URI, select only the stuff 
needed for passwd, login, su and friends and install that a 
SUID.

In the meantime, I'm happy with my CONFIG_FEATURE_SUID-configured 
busybox :-)