[Toybox] oh, the irony...
    Rob Landley 
    rob at landley.net
       
    Sun Oct 21 18:49:13 PDT 2018
    
    
  
On 10/17/2018 06:24 PM, enh wrote:
> $ ./toybox su --help
> toybox: Not root (see "toybox --help")
> 
> not sure what the fix is there though.
Ok, dug into it some more.
If you "chown root:root toybox" and "chmod +s toybox", the su command then works
as advertised. Including su --help. What's it's _complaining_ about is this
command needs suid root to function, and toybox is not installed with that.
The fact --help doesn't work in that case is still a problem, but it sounds like
the "Not installed suid root" error message a couple lines earlier is what it
should be printing in this case. (It's guarded by TOYBOX_DEBUG because it's
"your system is built wrong", not runtime user error, but you have that on so
should have seen it.)
Except that's not printing for the busybox multiplexer itself (which !=
toy_list; the standalone case shouldn't have CFG_TOYBOX_SUID set because then
the individual command binary either has the suid bit set or it doesn't and
we're not _dropping_ it), because the _multiplexer_ doesn't know (at this stage)
what command we're going to be running.
I suspect the "not installed right" error message should be printed here
instead, but need to redo the logic. Right now it's right from a security
perspective, but not from a usability perspective, and I kinda privilege the
former over the latter... :P
Queued up for next release...
Rob
P.S. I've meant for a while to have "make config-allsuid" and "config-nosuid"
targets so people can have two binaries and only install the suid bit on the one
containing the commands that needs them. I just haven't gotten around to it
because $DAYJOB. (And really it's a bit like the "make single" stuff because the
binaries would have to be named differently to be insalled next to each other...
toybox-suid and toybox-nosuid, so really the targets should be "make
toybox-allsuid" and "toybox-nosuid"... which is why it's on my todo list after
the kconfig rewrite.)
Rob
    
    
More information about the Toybox
mailing list