Tiny Core Linux
Tiny Core Base => TCB Bugs => Topic started by: tinypoodle on August 01, 2010, 04:50:12 PM
-
udhcpc is overwriting /etc/resolv.conf each time it is called, regardless of file being set to read-only:
tc@box:~$ sudo chmod -v a-w /etc/resolv.conf
mode of '/etc/resolv.conf' changed to 0444 (r--r--r--)
tc@box:~$ ls -l /etc/resolv.conf
-r--r--r-- 1 root root 36 Aug 1 14:36 /etc/resolv.conf
tc@box:~$ sudo echo 'nameserver 8.8.8.8' > /etc/resolv.conf
sh: can't create /etc/resolv.conf: Permission denied
I didn't find an explicit option for udhcpc not to request DNS server address or not to "update" /etc/resolv.conf as found in other dhcp client.
How comes an app can overwrite a file chmod'ed to a-w, when even root gets 'permission denied' to write to it?
What are the possible implications on security here?
-
Common mistake with the echo, root has all the power ;)
tc@box:~$ sudo echo hello > file # the redirection happens in the shell, which is run by user tc
-
Ah, thank you very much, learned something! ;D
Of course the core of the issue remains, how to prevent udhcpc from overwriting /etc/resolv.conf
-
Ah, thank you very much, learned something! ;D
Of course the core of the issue remains, how to prevent udhcpc from overwriting /etc/resolv.conf
I haven't tried it, but maybe you could try changing /sbin/udhcpc in to a shell script wrapper that would recreate /etc/resolv.conf with your custom settings each time after it is called. Something like this:
busybox udhcpc $@
cat > /etc/resolv.conf << EOF
nameserver 0.0.0.0
nameserver 0.0.0.0
EOF
-
Thanks for the suggestion, I had been thinking about something along the lines of:
sudo mv -f /etc/resolv.conf~ /etc/resolv.conf
-
Proper solution in following thread:
http://forum.tinycorelinux.net/index.php?topic=8019