[oe] TinyLogin

Holger Schurig hs4233 at mail.mn-solutions.de
Mon Mar 30 11:33:04 UTC 2009


> No, I think you misunderstood what I meant.

Okay.

> The issue is that, since all the applets are linked together
> into one monolithic binary, and hence have the ability in
> theory to call any function in that binary, it is difficult to
> tell by looking at the source code which functions might
> potentially be called (directly or indirectly) by one of the
> setuid applets and hence would need to be included in an audit
> for privilege-escalation vulnerabilities.

I'd have to cross-ref one specific busybox version with my
specific .config file and look at the call graph below the
SUID-root applets. That would reveal if this is a substantial
claim or just a fear.

But hey, I am among those people that didn't do a
privilege-escalation verification of tinylogin. And so I'm not
inclined to do that now for busybox --- it's not something that
I care for. The usage scenarios of my devices don't call for
such measures.

However, I like to base fear on evidence, that's why I replied.


> > Except that TinyLogin is end-of-life and won't get bugfixes
> > from upstream.
>
> Yes, that's obviously the tradeoff.

The end-of-life argument is an argument for my 
paranoid-suggestion ("create a tinylogin_1.13.3_bb file with 
SRC_URI = busybox and a stripped down .config only for the 
tinylogin-equivalent-applets").


> Tinylogin is simple enough, though, that fixing bugs locally
> would be easy enough if that became necessary.

Your point <smile>

Let's wait (some more years) for the security assessment of 
tinylogin then <even bigger smile>.
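A worked illustration of the call-graph check discussed above, added here as an example that is not part of the thread or of busybox: it walks a constructed call graph from the setuid applets' entry points and reports which linked-in functions the static graph does not account for, once for a full applet set and once for a login-only selection along the lines of the tinylogin_bb idea. All function and applet names are made up.

```python
# Added example, not from the thread: estimate the audit scope of a
# multi-call binary by walking a static call graph from its setuid applets.
# The graph and applet table are constructed toy data, not busybox symbols.
from collections import deque

# Constructed caller -> callees edges (in practice extracted with a
# call-graph tool from the configured source tree).
CALL_GRAPH = {
    "passwd_main":   ["getpwnam_wrapper", "update_passwd", "bb_error_msg"],
    "su_main":       ["getpwnam_wrapper", "run_shell", "bb_error_msg"],
    "update_passwd": ["safe_write", "bb_error_msg"],
    "run_shell":     ["xexecvp"],
    "ls_main":       ["bb_error_msg", "printf_wrapper"],
    "wget_main":     ["xconnect", "safe_write"],
    "xconnect":      ["bb_error_msg"],
}

# Constructed applet table: applet -> (entry point, installed setuid root?)
APPLETS = {
    "passwd": ("passwd_main", True),
    "su":     ("su_main", True),
    "ls":     ("ls_main", False),
    "wget":   ("wget_main", False),
}

def reachable(graph, roots):
    """Functions transitively reachable from `roots` (breadth-first)."""
    seen, queue = set(roots), deque(roots)
    while queue:
        for callee in graph.get(queue.popleft(), []):
            if callee not in seen:
                seen.add(callee)
                queue.append(callee)
    return seen

def entry_points(applets, enabled=None, suid_only=False):
    """Entry points of the applets enabled in the .config (None = all)."""
    return [entry for name, (entry, suid) in applets.items()
            if (enabled is None or name in enabled) and (suid or not suid_only)]

def suid_scope(graph, applets, enabled=None):
    """Statically visible audit scope: everything a setuid applet can call."""
    return reachable(graph, entry_points(applets, enabled, suid_only=True))

def outside_static_scope(graph, applets, enabled=None):
    """Functions linked into the binary that the static graph does not show a
    setuid applet reaching; a stripped-down applet selection shrinks this set."""
    linked = reachable(graph, entry_points(applets, enabled))
    return linked - suid_scope(graph, applets, enabled)
```

With every applet enabled, `outside_static_scope(CALL_GRAPH, APPLETS)` lists the ls/wget-only helpers; restricting to `{"passwd", "su"}` leaves nothing in the binary that a setuid applet is not already known to reach.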
