emo/busybox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4,457 Commits 1 Branch 0 Tags 33 MiB
C 93.2%
Shell 4.1%
Assembly 1%
Makefile 0.7%
C++ 0.5%
Other 0.2%
5797c7f0ef
Go to file
Rob Landley 5797c7f0ef Doug Swarin pointed out a security bug in the -i option of sed. 
While the permissions on the temp file are correct to prevent it from being 
maliciously mangled by passing strangers, (created with 600, opened O_EXCL, 
etc), the permissions on the _directory_ might not be, and we re-open the 
file to convert the filehandle to a FILE * (and automatically get an error 
message and exit if the directory's read-only or out of space or some such).

This opens a potential race condition if somebody's using dnotify on the 
directory, deletes/renames the tempfile, and drops a symlink or something 
there.  Somebody running sed -i as root in a world writeable directory could 
do damage.

I dug up notes on an earlier discussion where we looked at the security 
implications of this (unfortunately on the #uclibc channel rather than email; 
I don't have a transcript, just notes-to-self) which pointed out that if the 
permissions on the directory allow other people's files to be deleted/renamed 
then the original file is vulnerable to sabotage anyway.  However, there are 
two cases that discussion apparently didn't take into account:

1) Using another user's permissions to damage files in other directories you 
can't access (standard symlink attack).

2) Reading data another user couldn't otherwise access by having the new file 
belong to that other user.

This patch uses fdopen to convert the filehandle into a FILE *, rather than
reopening the file.
2005-05-18 05:56:16 +00:00
applets output busybox help to stdout, not stderr 2005-04-22 02:19:01 +00:00
archival change the hardcoded error constant (0x80000000UL) to a nice flexible define (BB_GETOPT_ERROR) 2005-05-11 00:39:03 +00:00
console-tools egor duda writes: 2004-10-08 07:46:08 +00:00
coreutils use more busybox functions and remove redundant code 2005-05-16 22:35:59 +00:00
debian Remove the CONFIG_FEATURE_SH_APPLETS_ALWAYS_WIN option. It was sortof 2004-04-07 09:34:27 +00:00
debianutils change the hardcoded error constant (0x80000000UL) to a nice flexible define (BB_GETOPT_ERROR) 2005-05-11 00:39:03 +00:00
docs update example to use bb_ prefixed names and remove old note about config.h (since the header is generated automatically now) 2005-04-23 01:43:45 +00:00
e2fsprogs make sure we add the local dir to the include path 2005-05-16 22:05:07 +00:00
editors Doug Swarin pointed out a security bug in the -i option of sed. 2005-05-18 05:56:16 +00:00
examples David Brownell submitted a new applet, zcip, based on RFC 3927. This is 2005-04-30 03:49:37 +00:00
findutils Patch from Bernhard Fischer to make a bunch of symbols static 2005-04-16 19:39:00 +00:00
include Add automatic umount support to eject command. Patch from Tito, 2005-05-14 00:46:18 +00:00
init jfb2 writes in Bug 119: 2005-04-16 08:21:34 +00:00
libbb change the hardcoded error constant (0x80000000UL) to a nice flexible define (BB_GETOPT_ERROR) 2005-05-11 00:39:03 +00:00
libpwdgrp egor duda writes: 2004-10-08 07:46:08 +00:00
loginutils A patch from Takeharu KATO to update/fix SE-Linux support. 2005-05-03 06:25:50 +00:00
miscutils Tito pointed out I'd broken -t (argv[optind] can't be before getulflags), 2005-05-15 01:32:47 +00:00
modutils Tweak the "pretty lsmod for 2.6" patch to be seperately selectable. 2005-05-04 23:55:06 +00:00
networking import ether-wake applet by haveaniceday Bug 252 2005-05-11 03:59:53 +00:00
patches import eject by Peter Willis / Tito Ragusa 2005-05-11 00:25:47 +00:00
procps A patch from Takeharu KATO to update/fix SE-Linux support. 2005-05-03 06:25:50 +00:00
scripts Updated to match trunk/uClibc/extra/config as of r10132, and thus 2005-04-19 09:55:06 +00:00
shell This one's from me. Fix ash "standalone shell". 2005-05-07 08:27:34 +00:00
sysdeps/linux On Wednesday 27 April 2005 05:23 am, Patrick Huesmann wrote: 2005-04-29 19:48:29 +00:00
sysklogd fix typoe (buildddir -> builddir) 2005-04-21 01:49:05 +00:00
testsuite egor duda writes: 2004-10-08 07:46:08 +00:00
util-linux change the hardcoded error constant (0x80000000UL) to a nice flexible define (BB_GETOPT_ERROR) 2005-05-11 00:39:03 +00:00
.cvsignore Yet another major rework of the BusyBox config system, using the considerably 2002-12-05 08:41:41 +00:00
.indent.pro First revision of the Busybox Style Guide and an accompanying .indent.pro 2000-07-24 22:36:06 +00:00
AUTHORS Small comm implementatin from Rob Sullivan. Needed to build perl. 2005-05-11 23:12:49 +00:00
Changelog prepare for release 2004-10-13 09:42:10 +00:00
INSTALL Remove trailing whitespace. Update copyright to include 2004. 2004-03-15 08:29:22 +00:00
LICENSE Update a bunch of docs. Run a script to update my email addr. 2003-07-14 21:21:08 +00:00
Makefile A patch from Takeharu KATO to update/fix SE-Linux support. 2005-05-03 06:25:50 +00:00
README Fix the supported architectures section 2004-10-08 10:52:08 +00:00
Rules.mak Bump version 2004-10-08 10:52:33 +00:00
TODO remove whitespace 2005-02-13 22:20:35 +00:00

README 

Please see the LICENSE file for details on copying and usage.

BusyBox combines tiny versions of many common UNIX utilities into a single
small executable. It provides minimalist replacements for most of the utilities
you usually find in GNU coreutils, util-linux, etc. The utilities in BusyBox
generally have fewer options than their full-featured GNU cousins; however, the
options that are included provide the expected functionality and behave very
much like their GNU counterparts.

BusyBox has been written with size-optimization and limited resources in mind.
It is also extremely modular so you can easily include or exclude commands (or
features) at compile time. This makes it easy to customize your embedded
systems. To create a working system, just add /dev, /etc, and a Linux kernel.
BusyBox provides a fairly complete POSIX environment for any small or embedded
system.

BusyBox is extremely configurable.  This allows you to include only the
components you need, thereby reducing binary size. Run 'make config' or
'make menuconfig' to select the functionality that you wish to enable.

After the build is complete, a busybox.links file is generated.  This is
used by 'make install' to create symlinks to the BusyBox binary for all
compiled in functions.  By default, 'make install' will place the symlink
forest into `pwd`/_install unless you have defined the PREFIX environment
variable (i.e., 'make PREFIX=/tmp/foo install')

If you wish to install hard links, rather than symlinks, you can use
'make PREFIX=/tmp/foo install-hardlinks' instead.

----------------

Supported architectures:

   BusyBox in general will build on any architecture supported by gcc.
   Kernel module loading for 2.2 and 2.4 Linux kernels is currently
   limited to ARM, CRIS, H8/300, x86, ia64, x86_64, m68k, MIPS, PowerPC,
   S390, SH3/4/5, Sparc, v850e, and x86_64 for 2.4.x kernels.  For 2.6.x
   kernels, kernel module loading support should work on all architectures.


Supported C Libraries:

   uClibc and glibc are supported.  People have been looking at newlib and
   dietlibc, but they are currently considered unsupported, untested, or
   worse.  Linux-libc5 is no longer supported -- you should probably use uClibc
   instead if you want a small C library.

Supported kernels:

   Full functionality requires Linux 2.2.x or better.  A large fraction of the
   code should run on just about anything.  While the current code is fairly
   Linux specific, it should be fairly easy to port the majority of the code
   to support, say, FreeBSD or Solaris, or Mac OS X, or even Windows (if you
   are into that sort of thing).

----------------

Getting help:

When you find you need help, you can check out the BusyBox mailing list
archives at http://busybox.net/lists/busybox/ or even join
the mailing list if you are interested.

----------------

Bugs:

If you find bugs, please submit a detailed bug report to the BusyBox mailing
list at busybox@mail.busybox.net.  A well-written bug report should include a
transcript of a shell session that demonstrates the bad behavior and enables
anyone else to duplicate the bug on their own machine. The following is such
an example:

    To: busybox@mail.busybox.net
    From: diligent@testing.linux.org
    Subject: /bin/date doesn't work

    Package: BusyBox
    Version: 1.00

    When I execute BusyBox 'date' it produces unexpected results.
    With GNU date I get the following output:

	$ date
	Fri Oct  8 14:19:41 MDT 2004

    But when I use BusyBox date I get this instead:

	$ date
	illegal instruction

    I am using Debian unstable, kernel version 2.4.25-vrs2 on a Netwinder,
    and the latest uClibc from CVS.  Thanks for the wonderful program!

	-Diligent

Note the careful description and use of examples showing not only what BusyBox
does, but also a counter example showing what an equivalent GNU app does.  Bug
reports lacking such detail may never be fixed...  Thanks for understanding.

----------------

Downloads:

Source for the latest released version, as well as daily snapshots, can always
be downloaded from
    http://busybox.net/downloads/

----------------

CVS:

BusyBox now has its own publicly browsable CVS tree at:
    http://busybox.net/cgi-bin/cvsweb/busybox/

Anonymous CVS access is available.  For instructions, check out:
    http://busybox.net/cvs_anon.html

For those that are actively contributing there is even CVS write access:
    http://busybox.net/cvs_write.html

----------------

Please feed suggestions, bug reports, insults, and bribes back to:
	Erik Andersen
	<andersen@codepoet.org>