mv: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit is contained in:
Denys Vlasenko
parent
cbdc37cae0
commit
88663e481f
|
|
@ -89,7 +89,7 @@ clear - NOFORK
|
|||
cmp - runner
|
||||
comm - runner
|
||||
conspy - interactive, longterm
|
||||
cp - noexec. runner
|
||||
cp - noexec. sometimes runner
|
||||
cpio - runner
|
||||
crond - daemon
|
||||
crontab - longterm (runs $EDITOR), leaks: open+xasprintf
|
||||
|
|
@ -255,7 +255,7 @@ mount - suid
|
|||
mountpoint - noexec. leaks: option -n "print dev name": find_block_device -> readdir+xstrdup
|
||||
mpstat - longterm: "mpstat 1" runs indefinitely
|
||||
mt - hardware
|
||||
mv - noexec candidate, runner
|
||||
mv - noexec. sometimes runner
|
||||
nameif - noexec. openlog(), leaks: config_open2+ioctl_or_perror_and_die
|
||||
nbd-client - noexec
|
||||
nc - runner
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@
|
|||
//config: Also add support for --parents option.
|
||||
|
||||
//applet:IF_CP(APPLET_NOEXEC(cp, cp, BB_DIR_BIN, BB_SUID_DROP, cp))
|
||||
/* NOEXEC despite cases when it can be a "runner" (cp -r LARGE_DIR NEW_DIR) */
|
||||
|
||||
//kbuild:lib-$(CONFIG_CP) += cp.o
|
||||
|
||||
|
|
|
|||
|
|
@ -17,7 +17,8 @@
|
|||
//config: help
|
||||
//config: mv is used to move or rename files or directories.
|
||||
|
||||
//applet:IF_MV(APPLET(mv, BB_DIR_BIN, BB_SUID_DROP))
|
||||
//applet:IF_MV(APPLET_NOEXEC(mv, mv, BB_DIR_BIN, BB_SUID_DROP, mv))
|
||||
/* NOEXEC despite cases when it can be a "runner" (mv LARGE_DIR OTHER_FS) */
|
||||
|
||||
//kbuild:lib-$(CONFIG_MV) += mv.o
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue