update NOFORK_NOEXEC.lst
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit is contained in:
parent
a6390ed77e
commit
c3e60e1e9a
@ -166,6 +166,7 @@ hd - noexec. runner
|
|||||||
hdparm - hardware
|
hdparm - hardware
|
||||||
head - noexec. runner
|
head - noexec. runner
|
||||||
hexdump - noexec. runner
|
hexdump - noexec. runner
|
||||||
|
hexedit - interactive, longterm
|
||||||
hostid - NOFORK
|
hostid - NOFORK
|
||||||
hostname - noexec. talks to network (hostname -d may query DNS)
|
hostname - noexec. talks to network (hostname -d may query DNS)
|
||||||
httpd - daemon
|
httpd - daemon
|
||||||
@ -235,6 +236,7 @@ md5sum - noexec. runner
|
|||||||
mdev - daemon
|
mdev - daemon
|
||||||
mesg - NOFORK
|
mesg - NOFORK
|
||||||
microcom - interactive, longterm
|
microcom - interactive, longterm
|
||||||
|
minips - noexec
|
||||||
mkdir - NOFORK
|
mkdir - NOFORK
|
||||||
mkdosfs - needs ^C
|
mkdosfs - needs ^C
|
||||||
mke2fs - needs ^C
|
mke2fs - needs ^C
|
||||||
@ -264,6 +266,7 @@ nmeter - longterm
|
|||||||
nohup - noexec. spawner
|
nohup - noexec. spawner
|
||||||
nproc - NOFORK
|
nproc - NOFORK
|
||||||
ntpd - daemon
|
ntpd - daemon
|
||||||
|
nuke - noexec
|
||||||
od - runner
|
od - runner
|
||||||
openvt - longterm: spawns a child and waits for it
|
openvt - longterm: spawns a child and waits for it
|
||||||
partprobe - noexec. leaks: open+ioctl_or_perror_and_die(BLKRRPART)
|
partprobe - noexec. leaks: open+ioctl_or_perror_and_die(BLKRRPART)
|
||||||
@ -300,6 +303,7 @@ remove-shell - noexec. leaks: open+xfunc
|
|||||||
renice - noexec. nofork candidate(uses getpwnam, is that ok?)
|
renice - noexec. nofork candidate(uses getpwnam, is that ok?)
|
||||||
reset - noexec. spawner (execs "stty")
|
reset - noexec. spawner (execs "stty")
|
||||||
resize - noexec. changes state (signal handlers)
|
resize - noexec. changes state (signal handlers)
|
||||||
|
resume - noexec
|
||||||
rev - runner
|
rev - runner
|
||||||
rm - noexec. rm -i interactive
|
rm - noexec. rm -i interactive
|
||||||
rmdir - NOFORK
|
rmdir - NOFORK
|
||||||
@ -308,6 +312,7 @@ route - talks to network (may query DNS to convert IPs to names)
|
|||||||
rpm - runner
|
rpm - runner
|
||||||
rpm2cpio - runner
|
rpm2cpio - runner
|
||||||
rtcwake - longterm: puts system to sleep, optimizing this for speed is pointless
|
rtcwake - longterm: puts system to sleep, optimizing this for speed is pointless
|
||||||
|
run-init - spawner, rare, changes state (oh yes), execing may be important to free binary's inode
|
||||||
run-parts - longterm
|
run-parts - longterm
|
||||||
runlevel - noexec. can be nofork if "endutxent()" is called unconditionally, but too rare to bother?
|
runlevel - noexec. can be nofork if "endutxent()" is called unconditionally, but too rare to bother?
|
||||||
runsv - daemon
|
runsv - daemon
|
||||||
@ -320,6 +325,7 @@ sendmail - runner
|
|||||||
seq - noexec. runner
|
seq - noexec. runner
|
||||||
setarch - noexec. spawner
|
setarch - noexec. spawner
|
||||||
setconsole - noexec
|
setconsole - noexec
|
||||||
|
setfattr - noexec
|
||||||
setfont - noexec. leaks a lot of stuff
|
setfont - noexec. leaks a lot of stuff
|
||||||
setkeycodes - noexec
|
setkeycodes - noexec
|
||||||
setlogcons - noexec
|
setlogcons - noexec
|
||||||
|
Loading…
Reference in New Issue
Block a user