chattr,lsattr,tune2fs: make them NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit is contained in:
parent
d3147cd5c3
commit
99125c0495
@ -61,7 +61,7 @@ bzip2 - runner
|
|||||||
cal - runner: cal -n9999
|
cal - runner: cal -n9999
|
||||||
cat - runner
|
cat - runner
|
||||||
chat - needs ^C to work
|
chat - needs ^C to work
|
||||||
chattr - runner
|
chattr - noexec. runner
|
||||||
chgrp - noexec. runner
|
chgrp - noexec. runner
|
||||||
chmod - noexec. runner
|
chmod - noexec. runner
|
||||||
chown - noexec. runner
|
chown - noexec. runner
|
||||||
@ -204,7 +204,7 @@ lpd - daemon
|
|||||||
lpq - runner
|
lpq - runner
|
||||||
lpr - runner
|
lpr - runner
|
||||||
ls - noexec. runner
|
ls - noexec. runner
|
||||||
lsattr - runner. noexec candidate (ls is, why not this one?)
|
lsattr - noexec. runner
|
||||||
lsmod - noexec
|
lsmod - noexec
|
||||||
lsof - complex
|
lsof - complex
|
||||||
lspci - noexec candidate, too rare to bother for nofork
|
lspci - noexec candidate, too rare to bother for nofork
|
||||||
@ -366,7 +366,7 @@ truncate - NOFORK
|
|||||||
tty - NOFORK
|
tty - NOFORK
|
||||||
ttysize - NOFORK
|
ttysize - NOFORK
|
||||||
tunctl
|
tunctl
|
||||||
tune2fs - leaks: open+xfunc
|
tune2fs - noexec. leaks: open+xfunc
|
||||||
ubiattach
|
ubiattach
|
||||||
ubidetach
|
ubidetach
|
||||||
ubimkvol
|
ubimkvol
|
||||||
|
@ -15,7 +15,7 @@
|
|||||||
//config: help
|
//config: help
|
||||||
//config: chattr changes the file attributes on a second extended file system.
|
//config: chattr changes the file attributes on a second extended file system.
|
||||||
|
|
||||||
//applet:IF_CHATTR(APPLET(chattr, BB_DIR_BIN, BB_SUID_DROP))
|
//applet:IF_CHATTR(APPLET_NOEXEC(chattr, chattr, BB_DIR_BIN, BB_SUID_DROP, chattr))
|
||||||
|
|
||||||
//kbuild:lib-$(CONFIG_CHATTR) += chattr.o e2fs_lib.o
|
//kbuild:lib-$(CONFIG_CHATTR) += chattr.o e2fs_lib.o
|
||||||
|
|
||||||
|
@ -16,7 +16,8 @@
|
|||||||
//config: help
|
//config: help
|
||||||
//config: lsattr lists the file attributes on a second extended file system.
|
//config: lsattr lists the file attributes on a second extended file system.
|
||||||
|
|
||||||
//applet:IF_LSATTR(APPLET(lsattr, BB_DIR_BIN, BB_SUID_DROP))
|
//applet:IF_LSATTR(APPLET_NOEXEC(lsattr, lsattr, BB_DIR_BIN, BB_SUID_DROP, lsattr))
|
||||||
|
/* ls is NOEXEC, so we should be too! ;) */
|
||||||
|
|
||||||
//kbuild:lib-$(CONFIG_LSATTR) += lsattr.o e2fs_lib.o
|
//kbuild:lib-$(CONFIG_LSATTR) += lsattr.o e2fs_lib.o
|
||||||
|
|
||||||
|
@ -13,7 +13,7 @@
|
|||||||
//config: tune2fs allows the system administrator to adjust various tunable
|
//config: tune2fs allows the system administrator to adjust various tunable
|
||||||
//config: filesystem parameters on Linux ext2/ext3 filesystems.
|
//config: filesystem parameters on Linux ext2/ext3 filesystems.
|
||||||
|
|
||||||
//applet:IF_TUNE2FS(APPLET(tune2fs, BB_DIR_SBIN, BB_SUID_DROP))
|
//applet:IF_TUNE2FS(APPLET_NOEXEC(tune2fs, tune2fs, BB_DIR_SBIN, BB_SUID_DROP, tune2fs))
|
||||||
|
|
||||||
//TODO alias to "tune2fs -L LABEL": //applet:IF_E2LABEL(APPLET_ODDNAME(e2label, tune2fs, BB_DIR_SBIN, BB_SUID_DROP, e2label))
|
//TODO alias to "tune2fs -L LABEL": //applet:IF_E2LABEL(APPLET_ODDNAME(e2label, tune2fs, BB_DIR_SBIN, BB_SUID_DROP, e2label))
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user