-rw-r--r--libbb/appletlib.c17
1 files changed, 15 insertions, 2 deletions
diff --git a/libbb/appletlib.c b/libbb/appletlib.c
index df6584978..b9fbbd1f2 100644
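--- a/libbb/appletlib.c
+++ b/libbb/appletlib.c
@@ -681,8 +681,21 @@ static void check_suid(int applet_no)
  if (geteuid())
  bb_error_msg_and_die("must be suid to work properly");
  } else if (APPLET_SUID(applet_no) == BB_SUID_DROP) {
- xsetgid(rgid); /* drop all privileges */
- xsetuid(ruid);
+ /*
+ * Drop all privileges.
+ *
+ * Don't check for errors: in normal use, they are impossible,
+ * and in special cases, exiting is harmful. Example:
+ * 'unshare --user' when user's shell is also from busybox.
+ *
+ * 'unshare --user' creates a new user namespace without any
+ * uid mappings. Thus, busybox binary is setuid nobody:nogroup
+ * within the namespace, as that is the only user. However,
+ * since no uids are mapped, calls to setgid/setuid
+ * fail (even though they would do nothing).
+ */
+ setgid(rgid);
+ setuid(ruid);
  }
 # if ENABLE_FEATURE_SUID_CONFIG
  ret: ;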
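Review bot: The unchecked `setgid(rgid); setuid(ruid);` in the BB_SUID_DROP branch makes a failed drop silent, so the applet keeps running with whatever effective ids it had; in a setuid binary this is the unchecked-privilege-drop pattern (CWE-273). The comment's claim that failure is impossible in normal use is not established by anything in the hunk. The unmapped-namespace case can be tolerated without ignoring real failures by checking the resulting state instead of the return codes, e.g. `if (geteuid() != ruid || getegid() != rgid) bb_error_msg_and_die("can't drop privileges");` right after the two calls. In the 'unshare --user' case the effective and real ids presumably already match, so this check would not exit there, but that should be confirmed with a test. check_suid() starts above the hunk, so how ruid and rgid are obtained is not visible here.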