
Author Topic: Suggestion for core modification  (Read 10296 times)

Offline Roberto A. Foglietta

  • Full Member
  • ***
  • Posts: 212
    • personal home page
Re: Suggestion for core modification
« Reply #30 on: August 18, 2021, 05:22:56 AM »
These settings in the busybox config

CONFIG_FEATURE_LESS_RAW=y
CONFIG_FEATURE_LESS_ENV=y

are useful to display colors when using git. The size increase is negligible,

or add less.tcz to git dependencies. Thank you, R.

Offline curaga

  • Administrator
  • Hero Member
  • *****
  • Posts: 11050
Re: Suggestion for core modification
« Reply #31 on: August 18, 2021, 11:23:44 AM »
BB less lacks some other features I commonly use with git. However it's an optional thing, you can configure your git less options.
The only barriers that can stop you are the ones you create yourself.

Offline Roberto A. Foglietta

  • Full Member
  • ***
  • Posts: 212
    • personal home page
Re: Suggestion for core modification
« Reply #32 on: August 18, 2021, 11:37:57 AM »
you can configure your git less options.

Or you can add less.tgz to git dependencies, it is only 74Kb.  ;)

Offline curaga

  • Administrator
  • Hero Member
  • *****
  • Posts: 11050
Re: Suggestion for core modification
« Reply #33 on: August 19, 2021, 03:53:30 AM »
That is not the TC philosophy.
The only barriers that can stop you are the ones you create yourself.

Offline Roberto A. Foglietta

  • Full Member
  • ***
  • Posts: 212
    • personal home page
Re: Suggestion for core modification
« Reply #34 on: August 20, 2021, 08:33:28 PM »
You are correct that we have sudo, but having sudo as a known decision does not mean other things need to be left open.

No, the bug was serious, breaking many scripts.

I did an extensive search on the forum about the use of busybox.suid and I found this, for example:

http://forum.tinycorelinux.net/index.php/topic,24512.msg155587.html#msg155587

It is just an example, but it is fine for a general consideration: existing scripts might call busybox.suid, including those that are embedded in TCZ extensions. This makes the single busybox file not viable, at first glance. To address this problem, I have created a script named busybox.suid that redirects these calls to busybox. So the system is not aware that everything has been aggregated into one single executable.

About security: you are not going to remove sudo, IMHO. So, the busybox single file does not add insecurity to the current configuration. Moreover, busybox is open source and its code is deeply checked. So, it can be trusted that it drops suid in a safe way.

Then, the only remaining issue is about violations against /etc/busybox.conf. This file is included in rootfs.gz, so its initial permissions are safely/correctly set. This means that ownership/permission/content will be reset at any boot. However, the user using sudo might inadvertently change the permissions/ownership, but these changes will not last, and we cannot defend the system against the users, especially if they manage it with a passwordless sudo.

So, at the end of the day, the only remaining security concern is about sudo, not busybox.

Soon, Tinycore Editor will be ready also for x86 32bit - by now it is ready for x86 64bit. I suggest giving it a try, loading an Xserver and doing some common stuff to check if any problem arises. I suggest using v0.4.9; that way, we will have a reference point to check any kind of issue with each other.

https://github.com/robang74/tinycore-editor/archive/refs/tags/v0.4.9.tar.gz

I also suggest to use meta-packages: after the first ISO/USB image has been produced do

cd tinycore
sudo ./tczmetamerge.sh
cd ..
./make.sh iso (or image)

In this way, and since the tcz/*-meta.tcz* will be removed, the ISO/USB image produced will use meta-packages, which aggregate the TCZs in four onion rings: sshonly, usbkey, develop, devtools.

Thank you,
-R
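
An added example, not part of the post above and not Tiny Core or BusyBox project code: a shell check for the ownership/permission drift on /etc/busybox.conf that the post mentions. It assumes a stat that supports -c (GNU or BusyBox), and that the file should be a root-owned regular file with no group/other write bit; the function name check_busybox_conf is hypothetical.

```shell
#!/bin/sh
# Added example: audit ownership and mode of a BusyBox suid config file.
#
# Usage: check_busybox_conf FILE [EXPECTED_UID]
#   EXPECTED_UID defaults to 0 (root). It is a parameter only so the
#   check can be exercised on a scratch file without being root.
# Typical call on a running system:
#   check_busybox_conf /etc/busybox.conf
check_busybox_conf() {
    conf=$1
    want_uid=${2:-0}
    rc=0

    # Must exist and be a regular file (symlinks are followed).
    if [ ! -f "$conf" ]; then
        echo "FAIL: $conf is missing or not a regular file"
        return 1
    fi

    # %u = numeric owner, %a = octal permission bits.
    set -- $(stat -L -c '%u %a' "$conf")
    uid=$1
    mode=$2

    # A non-root owner could rewrite the suid policy at will.
    if [ "$uid" != "$want_uid" ]; then
        echo "FAIL: $conf owned by uid $uid, expected $want_uid"
        rc=1
    fi

    # Group-write (020) or other-write (002) lets a non-owner edit it.
    # The leading 0 makes the shell read the mode as octal.
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "FAIL: $conf mode $mode is writable by group or others"
        rc=1
    fi

    if [ "$rc" -eq 0 ]; then
        echo "OK: $conf uid=$uid mode=$mode"
    fi
    return "$rc"
}
```

Run from a boot or login script, a non-zero return flags a change made during the current session, before the next reboot restores the copy from rootfs.gz.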