root:/> ls -l /dev/mtd1 crw-rw---- 1 root root 90, 0 Mar 10 15:48 /dev/mtd1 root:/> cp /etc/TZ /dev/mtd1 root:/> ls -l /dev/mtd1 -rw-r--r-- 1 root root 9 Mar 10 15:48 /dev/mtd1 The following patch can fix it, Index: busybox-1.15.1/libbb/copy_file.c =================================================================== --- busybox-1.15.1/libbb/copy_file.c (revision 8868) +++ busybox-1.15.1/libbb/copy_file.c (working copy) @@ -276,7 +276,7 @@ new_mode = 0666; // POSIX way is a security problem versus (sym)link attacks - if (!ENABLE_FEATURE_NON_POSIX_CP) { + if (!ENABLE_FEATURE_NON_POSIX_CP || !S_ISLNK(dest_stat.st_mode)) { dst_fd = open(dest, O_WRONLY|O_CREAT|O_TRUNC, new_mode); } else { /* safe way: */ dst_fd = open(dest, O_WRONLY|O_CREAT|O_EXCL, new_mode); busybox-1.14.3 is OK. http://www.busybox.net/downloads/snapshots/busybox-20090930.tar.bz2 is fail.
then disable CONFIG_FEATURE_NON_POSIX_CP in the busybox config
As this option have decleared that, With this option, "cp file symlink" will delete symlink and create a regular file. This does not conform to POSIX, but prevents a symlink attack. Similarly, "cp file device" will not send file's data to the device. so this is not a bug. close it.
Or you can use more obvious "cat file >device_or_symlink" construct in your scripts, if what you really are trying to do is not a "create a copy of file A", but "reading from A and writing to B, till eof on A".