Enabling runtime SUID/SGID configuration via /etc/busybox.conf
is not a very good default. Better to default to having it off
and let people get the default behavior. If they want to enable
/etc/busybox.conf they should explicitly ask for it.
diff --git a/sysdeps/linux/Config.in b/sysdeps/linux/Config.in
index 2a00a17..95491c9 100644
--- a/sysdeps/linux/Config.in
+++ b/sysdeps/linux/Config.in
@@ -94,14 +94,14 @@
config CONFIG_FEATURE_SUID_CONFIG
bool "Runtime SUID/SGID configuration via /etc/busybox.conf"
- default y if CONFIG_FEATURE_SUID
+ default n if CONFIG_FEATURE_SUID
depends on CONFIG_FEATURE_SUID
help
Allow the SUID / SGID state of an applet to be determined runtime by
checking /etc/busybox.conf. The format of this file is as follows:
<applet> = [Ssx-][Ssx-][x-] (<username>|<uid>).(<groupname>|<gid>)
-
+
An example might help:
[SUID]