emo/busybox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
28a209466f
busybox/miscutils
History
Ryan Mallon 1d30b3f1f6 wall,crontab: use xopen_as_uid_gid() 
This fixes a narrow security race in crontab.

function                                             old     new   delta
xopen_as_uid_gid                                       -      80     +80
seteuid                                                -      64     +64
setegid                                                -      64     +64
setreuid                                               -      37     +37
xseteuid                                               -      22     +22
xsetegid                                               -      22     +22
crontab_main                                         590     577     -13
setfsuid                                              33       -     -33
setfsgid                                              33       -     -33
wall_main                                            138     102     -36
open_as_user                                         109       -    -109

   text    data     bss     dec     hex filename
 893539     497    7568  901604   dc1e4 busybox_old
 893618     497    7568  901683   dc233 busybox_unstripped

Signed-off-by: Ryan Mallon <rmallon@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2013-10-08 14:53:29 +02:00
..
adjtimex.c a few tweaks for bionic 2011-07-08 08:34:28 +02:00
bbconfig.c rename archive.h to bb_archive.h. no code changes 2011-09-22 12:45:14 +02:00
beep.c *: remove "Options:" string from help texts 2011-06-05 03:58:28 +02:00
chat.c move remaining help text from include/usage.src.h 2011-04-11 03:29:49 +02:00
chrt.c chrt: remove warning for _POSIX_PRIORITY_SCHEDULING 2013-07-08 11:20:13 +02:00
Config.src wall: access FILE under real user's credentials 2013-10-06 15:14:25 +02:00
conspy.c conspy: add framebuffer support, -Q option. 2011-09-13 18:39:04 +02:00
crond.c CONFIG_PID_FILE_PATH: new configuration option for pidfile paths 2012-12-19 15:53:33 -05:00
crontab.c wall,crontab: use xopen_as_uid_gid() 2013-10-08 14:53:29 +02:00
dc.c dc: code shrink 2013-01-18 13:30:13 +01:00
devfsd.c whitespace fixes. no code changes 2013-01-15 13:58:01 +01:00
devmem.c move remaining help text from include/usage.src.h 2011-04-11 03:29:49 +02:00
eject.c *: remove "Options:" string from help texts 2011-06-05 03:58:28 +02:00
fbsplash.c whitespace fixes. no code changes 2013-01-14 01:34:48 +01:00
fbsplash.cfg fbsplash: cosmetic comment and Config text fixes; rename .ini -> .cfg 2008-03-26 15:12:11 +00:00
flash_eraseall.c flash_eraseall: implement -N 2013-03-15 00:42:39 +01:00
flash_lock_unlock.c move remaining help text from include/usage.src.h 2011-04-11 03:29:49 +02:00
flashcp.c flashcp: trivial code shrink 2013-01-28 12:26:29 +01:00
hdparm.c whitespace fixes. no code changes 2013-01-15 13:58:01 +01:00
inotifyd.c inotify: if PROG is -, print events to stdout 2011-10-10 20:24:02 +02:00
ionice.c *: remove "Options:" string from help texts 2011-06-05 03:58:28 +02:00
Kbuild.src wall: access FILE under real user's credentials 2013-10-06 15:14:25 +02:00
last_fancy.c whitespace cleanup. no code changes 2013-01-14 15:57:44 +01:00
last.c whitespace fixes. no code changes 2013-01-14 01:34:48 +01:00
less.c less: support "less 1<>TTY" 2013-08-04 17:41:19 +02:00
makedevs.c makedevs: fix help-text 2011-05-30 23:00:47 +02:00
man.c man: find posix man pages 2013-08-25 17:38:25 -04:00
microcom.c *: remove "Options:" string from help texts 2011-06-05 03:58:28 +02:00
mountpoint.c *: remove "Options:" string from help texts 2011-06-05 03:58:28 +02:00
mt.c move remaining help text from include/usage.src.h 2011-04-11 03:29:49 +02:00
nandwrite.c nanddump: fix build if nandwrite isn't enabled 2013-03-15 00:27:41 +01:00
raidautorun.c move remaining help text from include/usage.src.h 2011-04-11 03:29:49 +02:00
readahead.c move remaining help text from include/usage.src.h 2011-04-11 03:29:49 +02:00
rfkill.c move remaining help text from include/usage.src.h 2011-04-11 03:29:49 +02:00
runlevel.c whitespace fixes 2011-10-28 14:07:44 +02:00
rx.c whitespace fixes. no code changes 2013-01-15 13:58:01 +01:00
setserial.c setserial: Fix typo: s/baund_rate/baud_rate/g 2013-03-22 17:04:51 +01:00
setsid.c setsid: code shrink, expanded comments 2013-08-07 18:49:51 +02:00
strings.c *: remove "Options:" string from help texts 2011-06-05 03:58:28 +02:00
taskset.c *: remove "Options:" string from help texts 2011-06-05 03:58:28 +02:00
time.c whitespace fixes. no code changes 2013-01-15 13:58:01 +01:00
timeout.c move remaining help text from include/usage.src.h 2011-04-11 03:29:49 +02:00
ttysize.c move remaining help text from include/usage.src.h 2011-04-11 03:29:49 +02:00
ubi_tools.c ubi_tools: fix typo in strcpy 2013-08-04 21:07:20 +02:00
volname.c move remaining help text from include/usage.src.h 2011-04-11 03:29:49 +02:00
wall.c wall,crontab: use xopen_as_uid_gid() 2013-10-08 14:53:29 +02:00
watchdog.c CONFIG_PID_FILE_PATH: new configuration option for pidfile paths 2012-12-19 15:53:33 -05:00