Re: [alpine-devel] busybox and suid root apps (ping traceroute etc)
On Mon, 7 Mar 2011 15:38:45 +0100
Natanael Copa <ncopa_at_alpinelinux.org> wrote:
> I would like to hear about how you think we should solve:
> Problem: both iputils and bbsuid provides a /bin/ping binary (which
> needs to be suid root). iputils has a replaces=bbsuid so it replaces
> the busybox ping. But when you upgrade and new version of bbsuid
> exists you will get a conflict since /bin/ping now is owned by
> 1) Do nothing. Let upgraders 'apk del iputils' before upgrade and apk
> add iputils again after upgrade.
> 2) let bbsuid replace iputils. This will make the upgrade of bbsuid
> silently overwrite iputils' /bin/ping.
> 3) let busybox run as suid root and delete the bbsuid application
> 4) let bbsuid post-install script create symlinks the same way as
> busybox does.
i think #4 is the preferable solution here.
Received on Fri Mar 11 2011 - 16:54:58 UTC