appletlib.c: make it actally follow _BB_SUID_ALWAYS rules
adduser: implement -S and code shrink / fix uid selection
*: sanitize getspnam_r use
text data bss dec hex filename
777042 974 9676 787692 c04ec busybox_old
776883 974 9676 787533 c044d busybox_unstripped
diff --git a/libbb/appletlib.c b/libbb/appletlib.c
index 8b1ed80..4bd60d0 100644
--- a/libbb/appletlib.c
+++ b/libbb/appletlib.c
@@ -459,10 +459,7 @@
if (sct->m_applet == applet)
goto found;
}
- /* default: drop all privileges */
- xsetgid(rgid);
- xsetuid(ruid);
- return;
+ goto check_need_suid;
found:
m = sct->m_mode;
if (sct->m_uid == ruid)
@@ -505,13 +502,13 @@
}
}
#endif
+ check_need_suid:
#endif
-
if (applet->need_suid == _BB_SUID_ALWAYS) {
/* Real uid is not 0. If euid isn't 0 too, suid bit
* is most probably not set on our executable */
if (geteuid())
- bb_error_msg_and_die("applet requires root privileges!");
+ bb_error_msg_and_die("must be suid to work properly");
} else if (applet->need_suid == _BB_SUID_NEVER) {
xsetgid(rgid); /* drop all privileges */
xsetuid(ruid);