add/remove-shell,add/deluser,add/delgroup: make them NOEXEC

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 00:28:15 +02:00 · 2017-08-07 00:28:15 +02:00 · 7b8372b819
commit 7b8372b819
parent bfc66d4980
5 changed files with 15 additions and 13 deletions
--- a/NOFORK_NOEXEC.lst
+++ b/NOFORK_NOEXEC.lst
@ -36,9 +36,9 @@ IOW: rm is "interactive", but not "longterm".
 [ - NOFORK
 [[ - NOFORK
 acpid - daemon
-add-shell
+add-shell - noexec. leaks: open+xfunc
-addgroup
+addgroup - noexec. leaks
-adduser
+adduser - noexec. leaks
 adjtimex - NOFORK
 ar - runner
 arch - NOFORK
@ -86,8 +86,8 @@ date - noexec. nofork candidate(needs to stop messing up env, free xasprintf res
 dc - runner (eats stdin if no params)
 dd - noexec. runner
 deallocvt - noexec. leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds
-delgroup
+delgroup - noexec. leaks
-deluser
+deluser - noexec. leaks
 depmod - complex, rare
 devmem - runner, complex (access to device memory may hang)
 df - leaks: nested allocs
@ -282,7 +282,7 @@ readprofile - reads /boot/System.map and /proc/profile, better to free more memo
 realpath - NOFORK
 reboot - rare
 reformime - runner
-remove-shell
+remove-shell - noexec. leaks: open+xfunc
 renice - nofork candidate(uses getpwnam, is that ok?)
 reset - noexec. spawner (execs "stty")
 resize - noexec. changes state (signal handlers)
--- a/loginutils/add-remove-shell.c
+++ b/loginutils/add-remove-shell.c
@ -19,9 +19,9 @@
 //config:	help
 //config:	Remove shells from /etc/shells.
-//                       APPLET_ODDNAME:name          main              location         suid_type     help
+//                       APPLET_NOEXEC:name          main              location         suid_type     help
-//applet:IF_ADD_SHELL(   APPLET_ODDNAME(add-shell   , add_remove_shell, BB_DIR_USR_SBIN, BB_SUID_DROP, add_shell   ))
+//applet:IF_ADD_SHELL(   APPLET_NOEXEC(add-shell   , add_remove_shell, BB_DIR_USR_SBIN, BB_SUID_DROP, add_shell   ))
-//applet:IF_REMOVE_SHELL(APPLET_ODDNAME(remove-shell, add_remove_shell, BB_DIR_USR_SBIN, BB_SUID_DROP, remove_shell))
+//applet:IF_REMOVE_SHELL(APPLET_NOEXEC(remove-shell, add_remove_shell, BB_DIR_USR_SBIN, BB_SUID_DROP, remove_shell))
 //kbuild:lib-$(CONFIG_ADD_SHELL)    += add-remove-shell.o
 //kbuild:lib-$(CONFIG_REMOVE_SHELL) += add-remove-shell.o
@ -64,6 +64,7 @@ int add_remove_shell_main(int argc UNUSED_PARAM, char **argv)
 	if (orig_fp)
 		xfstat(fileno(orig_fp), &sb, orig_fn);
 	new_fn = xasprintf("%s.tmp", orig_fn);
 	/*
 	 * O_TRUNC or O_EXCL? At the first glance, O_EXCL looks better,
--- a/loginutils/addgroup.c
+++ b/loginutils/addgroup.c
@ -29,7 +29,7 @@
 //config:	addgroup will add an existing user to an
 //config:	existing group.
-//applet:IF_ADDGROUP(APPLET(addgroup, BB_DIR_USR_SBIN, BB_SUID_DROP))
+//applet:IF_ADDGROUP(APPLET_NOEXEC(addgroup, addgroup, BB_DIR_USR_SBIN, BB_SUID_DROP, addgroup))
 //kbuild:lib-$(CONFIG_ADDGROUP) += addgroup.o
--- a/loginutils/adduser.c
+++ b/loginutils/adduser.c
@ -53,7 +53,7 @@
 //config:	help
 //config:	Last valid system uid or gid for adduser and addgroup
-//applet:IF_ADDUSER(APPLET(adduser, BB_DIR_USR_SBIN, BB_SUID_DROP))
+//applet:IF_ADDUSER(APPLET_NOEXEC(adduser, adduser, BB_DIR_USR_SBIN, BB_SUID_DROP, adduser))
 //kbuild:lib-$(CONFIG_ADDUSER) += adduser.o
--- a/loginutils/deluser.c
+++ b/loginutils/deluser.c
@ -28,8 +28,9 @@
 //config:	If called with two non-option arguments, deluser
 //config:	or delgroup will remove an user from a specified group.
-//applet:IF_DELUSER(APPLET(deluser, BB_DIR_USR_SBIN, BB_SUID_DROP))
+//                   APPLET_NOEXEC:name      main     location         suid_type     help
-//applet:IF_DELGROUP(APPLET_ODDNAME(delgroup, deluser, BB_DIR_USR_SBIN, BB_SUID_DROP, delgroup))
+//applet:IF_DELUSER( APPLET_NOEXEC(deluser,  deluser, BB_DIR_USR_SBIN, BB_SUID_DROP, deluser))
 //applet:IF_DELGROUP(APPLET_NOEXEC(delgroup, deluser, BB_DIR_USR_SBIN, BB_SUID_DROP, delgroup))
 //kbuild:lib-$(CONFIG_DELUSER) += deluser.o
 //kbuild:lib-$(CONFIG_DELGROUP) += deluser.o