chat: trim help text

Noticed while auditing nofork/noexec status

function                                             old     new   delta
packed_usage                                       31777   31747     -30

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko 2017-08-04 17:36:16 +02:00
parent dd5a40246b
commit 74c05f5b2c
3 changed files with 58 additions and 47 deletions

@ -11,8 +11,8 @@ runner: sometimes may run for long(ish) time, and/or works with network:
^C has to work (cat BIGFILE, chmod -R, ftpget, nc) ^C has to work (cat BIGFILE, chmod -R, ftpget, nc)
"runners" can become eligible after shell is taught ^C to interrupt NOFORKs, "runners" can become eligible after shell is taught ^C to interrupt NOFORKs,
need to be inspected that they do not fall into alloc+xfunc, open+xfunc need to be inspected that they do not fall into alloc+xfunc, open+xfunc,
categories. leak categories.
Why can't be NOEXEC: Why can't be NOEXEC:
suid: runs under different uid - must fork+exec suid: runs under different uid - must fork+exec
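
Review bot: the added "leak" in "alloc+xfunc, open+xfunc, leak categories" sits beside open+xfunc as if it were a separate category, yet the entries added later in this patch write "leaks: open+xfunc" (fbset, tune2fs), which makes open+xfunc one kind of leak. Suggest wording such as "alloc+xfunc, open+xfunc or other leak categories" so the list and the per-applet tags agree.
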
@ -23,7 +23,15 @@ daemon: runs indefinitely; these are also always fit "rare" category
longterm: often runs for a long time (many seconds), execing would make longterm: often runs for a long time (many seconds), execing would make
memory footprint smaller memory footprint smaller
complex: no immediately obvious reason why NOFORK wouldn't work, complex: no immediately obvious reason why NOFORK wouldn't work,
but does some non-obvoius operations (example: fuser, lsof, losetup) but does some non-obvoius operations (example: fuser, lsof, losetup);
detailed audit often turns out that it's a leaker
Interesting example of "interactive" applet which is nevertheless can be
(and is) NOEXEC is "rm". Yes, "rm -i" is interactive - but it's not that typical
for users to keep it waiting for many minutes, whereas running "rm" in shell
is very typical, and speeding up this common use via NOEXEC is useful.
IOW: rm is "interactive", but not "longterm".
[ - NOFORK [ - NOFORK
[[ - NOFORK [[ - NOFORK
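
Review bot: the rewritten "complex" line still carries the typo "non-obvoius" (should be "non-obvious"); since the line is being touched anyway, it can be fixed here. In the added paragraph, "which is nevertheless can be (and is) NOEXEC" should read "which nevertheless can be (and is) NOEXEC", and "detailed audit often turns out that it's a leaker" reads better as "a detailed audit often shows that it's a leaker".
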
@ -34,9 +42,9 @@ adduser
adjtimex adjtimex
ar - runner ar - runner
arch - NOFORK arch - NOFORK
arp arp - complex, rare
arping - runner arping - runner
ash - interactive ash - interactive, longterm
awk - noexec. runner awk - noexec. runner
base64 - runner base64 - runner
basename - NOFORK basename - NOFORK
@ -52,7 +60,7 @@ bzcat - runner
bzip2 - runner bzip2 - runner
cal - runner: cal -n9999 cal - runner: cal -n9999
cat - runner cat - runner
chat chat - needs ^C to work
chattr - runner chattr - runner
chgrp - noexec. runner chgrp - noexec. runner
chmod - noexec. runner chmod - noexec. runner
@ -77,10 +85,10 @@ cut - noexec. runner
date - noexec. nofork candidate(needs to stop messing up env, free xasprintf result, not use xfuncs after xasprintf) date - noexec. nofork candidate(needs to stop messing up env, free xasprintf result, not use xfuncs after xasprintf)
dc - runner (eats stdin if no params) dc - runner (eats stdin if no params)
dd - noexec. runner dd - noexec. runner
deallocvt deallocvt - leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds. Also, "rare" category. Can be noexec.
delgroup delgroup
deluser deluser
depmod depmod - complex, rare
devmem - runner, complex (access to device memory may hang) devmem - runner, complex (access to device memory may hang)
df - complex (nested allocs) df - complex (nested allocs)
dhcprelay - daemon dhcprelay - daemon
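
Review bot: the deallocvt annotation about get_console_fd_or_die() ("may open a new fd, or return one of stdio fds. Also, "rare" category. Can be noexec.") is repeated verbatim for dumpkmap, fgconsole and loadkmap in this patch. Consider describing the get_console_fd_or_die() case once in the category section at the top and tagging the four applets with a short label, so the copies cannot drift apart.
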
@ -88,16 +96,16 @@ diff - runner
dirname - NOFORK dirname - NOFORK
dmesg - runner dmesg - runner
dnsd - daemon dnsd - daemon
dnsdomainname - DNS resolution may trigger, need ^C dnsdomainname - needs ^C (may talk to DNS servers, which may be down)
dos2unix - noexec. runner dos2unix - noexec. runner
dpkg - runner dpkg - runner
du - runner du - runner
dumpkmap dumpkmap - leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds. Also, "rare" category. Can be noexec.
dumpleases dumpleases
echo - NOFORK echo - NOFORK
ed - interactive ed - interactive, longterm
egrep - runner egrep - longterm runner ("CMD | egrep ..." may run indefinitely, better to exec to conserve memory)
eject eject - leaks: open+ioctl_or_perror_and_die, changes state (moves fds)
env - noexec. changes state (env) env - noexec. changes state (env)
envdir - spawner envdir - spawner
envuidgid - spawner envuidgid - spawner
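
Review bot: dnsdomainname is reworded to "needs ^C (may talk to DNS servers, which may be down)", but the hostname entry shown in a later hunk is left as "DNS resolution may trigger, need ^C". Both describe the same reason, so they should use the same wording.
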
@ -107,24 +115,24 @@ factor - runner (eats stdin if no params)
fakeidentd - daemon fakeidentd - daemon
false - NOFORK false - NOFORK
fatattr - complex (xopen+xioctl can leak fd) fatattr - complex (xopen+xioctl can leak fd)
fbset fbset - leaks: open+xfunc, complex, rare
fbsplash - runner, interactive fbsplash - runner, longterm
fdflush fdflush - leaks: open+ioctl_or_perror_and_die, needs ^C (floppy may be unresponsive), rare
fdformat - runner fdformat - needs ^C (floppy may be unresponsive), longterm, rare
fdisk - interactive fdisk - interactive, longterm
fgconsole fgconsole - leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds. Also, "rare" category. Can be noexec.
fgrep - runner fgrep - longterm runner ("CMD | fgrep ..." may run indefinitely, better to exec to conserve memory)
find - noexec. runner find - noexec. runner
findfs - suid findfs - suid
flash_eraseall flash_eraseall
flash_lock flash_lock
flash_unlock flash_unlock
flashcp flashcp
flock flock - spawner, changes state (file locks)
fold - noexec. runner fold - noexec. runner
free - nofork candidate(struct globals, needs to close /proc/meminfo fd) free - nofork candidate(struct globals, needs to close /proc/meminfo fd)
freeramdisk freeramdisk - leaks: open+ioctl_or_perror_and_die
fsck - interactive fsck - interactive, longterm
fsck.minix fsck.minix
fsfreeze fsfreeze
fstrim fstrim
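
Review bot: fbsplash goes from "runner, interactive" to "runner, longterm", dropping "interactive", whereas fdisk and fsck in the same hunk keep "interactive" and gain "longterm". fdformat likewise loses its "runner" tag. If the old tags were wrong, say so in the commit message; otherwise keep them alongside the new ones.
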
@ -134,8 +142,8 @@ ftpget - runner
ftpput - runner ftpput - runner
fuser - complex fuser - complex
getopt - noexec. complex (many allocs) getopt - noexec. complex (many allocs)
getty - interactive getty - interactive, longterm
grep - runner grep - longterm runner ("CMD | grep ..." may run indefinitely, better to exec to conserve memory)
groups - noexec groups - noexec
gunzip - runner gunzip - runner
gzip - runner gzip - runner
@ -147,7 +155,7 @@ hexdump - noexec. runner
hostid - NOFORK hostid - NOFORK
hostname - DNS resolution may trigger, need ^C hostname - DNS resolution may trigger, need ^C
httpd - daemon httpd - daemon
hush - interactive hush - interactive, longterm
hwclock hwclock
i2cdetect i2cdetect
i2cdump i2cdump
@ -180,39 +188,39 @@ killall - NOFORK
killall5 - NOFORK killall5 - NOFORK
klogd - daemon klogd - daemon
last - runner (I've got 1300 lines of output when tried it) last - runner (I've got 1300 lines of output when tried it)
less - interactive less - interactive, longterm
link - NOFORK link - NOFORK
linux32 - spawner linux32 - spawner
linux64 - spawner linux64 - spawner
linuxrc - daemon linuxrc - daemon
ln - noexec ln - noexec
loadfont loadfont
loadkmap loadkmap - leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds. Also, "rare" category. Can be noexec.
logger - runner logger - runner
login - suid, interactive login - suid, interactive, longterm
logname - NOFORK logname - NOFORK
losetup - complex losetup - complex
lpd - daemon lpd - daemon
lpq - runner lpq - runner
lpr - runner lpr - runner
ls - noexec. runner ls - noexec. runner
lsattr lsattr - runner. noexec candidate (ls is, why not this one?)
lsmod - noexec lsmod - noexec
lsof - complex lsof - complex
lspci lspci - noexec candidate, too rare to bother for nofork
lsscsi lsscsi - noexec candidate, too rare to bother for nofork
lsusb lsusb - noexec candidate, too rare to bother for nofork
lzcat - runner lzcat - runner
lzma - runner lzma - runner
lzop - runner lzop - runner
lzopcat - runner lzopcat - runner
makedevs makedevs
makemime - runner makemime - runner
man - spawner, interactive man - spawner, interactive, longterm
md5sum - noexec. runner md5sum - noexec. runner
mdev - daemon mdev - daemon
mesg mesg
microcom - interactive, complex microcom - interactive, longterm
mkdir - NOFORK mkdir - NOFORK
mkdosfs mkdosfs
mke2fs mke2fs
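
Review bot: microcom changes from "interactive, complex" to "interactive, longterm", which removes "complex" rather than adding to it; please confirm that is intended. The lsattr note "(ls is, why not this one?)" is an open question and would be more useful as a statement of what has to be checked before lsattr can be marked noexec.
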
@ -223,10 +231,10 @@ mkfs.vfat
mknod - noexec mknod - noexec
mkpasswd mkpasswd
mkswap mkswap
mktemp mktemp - leaks: xstrdup+concat_path_file
modinfo - noexec modinfo - noexec
modprobe - noexec modprobe - noexec
more - interactive more - interactive, longterm
mount - suid mount - suid
mountpoint mountpoint
mpstat mpstat
@ -305,12 +313,11 @@ setpriv - spawner
setserial setserial
setsid - spawner setsid - spawner
setuidgid setuidgid
sh - interactive
sha1sum - noexec. runner sha1sum - noexec. runner
sha256sum - noexec. runner sha256sum - noexec. runner
sha3sum - noexec. runner sha3sum - noexec. runner
sha512sum - noexec. runner sha512sum - noexec. runner
showkey - interactive showkey - interactive, longterm
shred - runner shred - runner
shuf - noexec. runner shuf - noexec. runner
slattach slattach
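
Review bot: the "sh - interactive" line is deleted outright, while ash and hush are updated to "interactive, longterm" elsewhere in this patch. If sh is dropped because those two entries cover it, mention that in the commit message; otherwise update it the same way.
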
@ -342,7 +349,7 @@ tar - runner
taskset - spawner taskset - spawner
tcpsvd - daemon tcpsvd - daemon
tee - runner tee - runner
telnet - interactive telnet - interactive, longterm
telnetd - daemon telnetd - daemon
test - NOFORK test - NOFORK
tftp - runner tftp - runner
@ -359,7 +366,7 @@ truncate - NOFORK
tty - NOFORK tty - NOFORK
ttysize - NOFORK ttysize - NOFORK
tunctl tunctl
tune2fs tune2fs - leaks: open+xfunc
ubiattach ubiattach
ubidetach ubidetach
ubimkvol ubimkvol
@ -387,8 +394,8 @@ users - nofork candidate(is getutxent ok?)
usleep - NOFORK usleep - NOFORK
uudecode - runner uudecode - runner
uuencode - runner uuencode - runner
vconfig vconfig - leaks: xsocket+ioctl_or_perror_and_die
vi - interactive vi - interactive, longterm
vlock - suid vlock - suid
volname - runner volname - runner
w w

@ -82,8 +82,8 @@
//usage: "EXPECT [SEND [EXPECT [SEND...]]]" //usage: "EXPECT [SEND [EXPECT [SEND...]]]"
//usage:#define chat_full_usage "\n\n" //usage:#define chat_full_usage "\n\n"
//usage: "Useful for interacting with a modem connected to stdin/stdout.\n" //usage: "Useful for interacting with a modem connected to stdin/stdout.\n"
//usage: "A script consists of one or more \"expect-send\" pairs of strings,\n" //usage: "A script consists of \"expect-send\" argument pairs.\n"
//usage: "each pair is a pair of arguments. Example:\n" //usage: "Example:\n"
//usage: "chat '' ATZ OK ATD123456 CONNECT '' ogin: pppuser word: ppppass '~'" //usage: "chat '' ATZ OK ATD123456 CONNECT '' ogin: pppuser word: ppppass '~'"
#include "libbb.h" #include "libbb.h"
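
Review bot: this help-text hunk is the only change that the subject line "chat: trim help text" describes, yet the commit also rewrites the nofork/noexec notes and reformats a call in freeramdisk_main(). Either split those into their own commits or list them in the message body, so the audit annotations can be found from the log.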

@ -67,8 +67,12 @@ int freeramdisk_main(int argc UNUSED_PARAM, char **argv)
fd = xopen(single_argv(argv), O_RDWR); fd = xopen(single_argv(argv), O_RDWR);
// Act like freeramdisk, fdflush, or both depending on configuration. // Act like freeramdisk, fdflush, or both depending on configuration.
ioctl_or_perror_and_die(fd, (ENABLE_FREERAMDISK && applet_name[1] == 'r') ioctl_or_perror_and_die(fd,
|| !ENABLE_FDFLUSH ? BLKFLSBUF : FDFLUSH, NULL, "%s", argv[1]); ((ENABLE_FREERAMDISK && applet_name[1] == 'r') || !ENABLE_FDFLUSH)
? BLKFLSBUF
: FDFLUSH,
NULL, "%s", argv[1]
);
if (ENABLE_FEATURE_CLEAN_UP) close(fd); if (ENABLE_FEATURE_CLEAN_UP) close(fd);
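
Review bot: the fd returned by xopen() is still open whenever ioctl_or_perror_and_die() exits, and close(fd) runs only under ENABLE_FEATURE_CLEAN_UP; this is the "leaks: open+ioctl_or_perror_and_die" case the notes file records for freeramdisk and fdflush. Since the hunk only reformats the call (the added parentheses around the || expression do not change how the ternary is evaluated), a one-line comment here pointing at that audit note would tie the code to the finding.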