Denys Vlasenko
b63afead44
ip,ip*: make them NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-09-18 15:45:13 +02:00
Denys Vlasenko
c3e60e1e9a
update NOFORK_NOEXEC.lst
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-09-18 14:34:15 +02:00
Denys Vlasenko
9a6f62fd51
ps: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-10 14:15:52 +02:00
Denys Vlasenko
3bc2317c61
Update NOFORK_NOEXEC.lst
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-09 19:51:17 +02:00
Denys Vlasenko
a4d4ab04c3
vconfig: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-09 18:52:19 +02:00
Denys Vlasenko
8858a9864e
libbb: rearrange NOFORK/NOEXEC code, logic is not changed
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-08 01:21:49 +02:00
Denys Vlasenko
90ad4ba9db
ipcalc,rdev: make NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-08 00:42:15 +02:00
Denys Vlasenko
dbbc3f2e64
dumpleases: make NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 23:30:22 +02:00
Denys Vlasenko
af5d008669
expr: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 23:23:18 +02:00
Denys Vlasenko
ec98e3a628
freeramdisk: make NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 23:17:14 +02:00
Denys Vlasenko
ae84418d26
losetup: make NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 23:14:49 +02:00
Denys Vlasenko
354b104df1
fatattr: make NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 22:21:54 +02:00
Denys Vlasenko
fc9efcb53b
df: make NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 22:19:17 +02:00
Denys Vlasenko
ed4393bdc7
dnsdomainname,hostname: make NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 20:34:26 +02:00
Denys Vlasenko
248a67fb75
free,stat: make NOEXEC
...
pkill/pgrep/pidof uncovered another quirk: what about noexec's _process names_?
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 18:18:09 +02:00
Denys Vlasenko
1a1203ff89
users,w,who,uptime,renice: make NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 16:47:34 +02:00
Denys Vlasenko
798b94518e
ubi tools: ubiupdatevol supports "-" input and actually respects -s SIZE
...
Decided to not make any flash applets NOEXEC.
Minor robustifications here and there. Better error messages. Save on strings:
function old new delta
ubi_tools_main 1235 1288 +53
ubi_get_volid_by_name 125 133 +8
ubirename_main 198 204 +6
get_num_from_file 90 94 +4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 4/0 up/down: 71/0) Total: 71 bytes
text data bss dec hex filename
915696 485 6880 923061 e15b5 busybox_old
915670 485 6880 923035 e159b busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 16:00:25 +02:00
Denys Vlasenko
115e0a7199
ubi_tools: a bit smaller applet resolution code
...
function old new delta
ubi_tools_main 1241 1235 -6
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 02:55:33 +02:00
Denys Vlasenko
dd55d5d53c
script: make -t independent of scriptreplay
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 01:53:17 +02:00
Denys Vlasenko
7b8372b819
add/remove-shell,add/deluser,add/delgroup: make them NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 00:28:15 +02:00
Denys Vlasenko
bfc66d4980
nbd-client: make it NOEXEC, stop using argc
...
function old new delta
nbdclient_main 484 492 +8
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 21:53:39 +02:00
Denys Vlasenko
9536ef7c98
makedevs: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 21:47:07 +02:00
Denys Vlasenko
184c738582
stty: fix bb_common_bufsiz1 use in NOEXEC
...
function old new delta
stty_main 1211 1221 +10
do_display 379 370 -9
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 20:55:56 +02:00
Denys Vlasenko
035e71578e
readprofile: do not close/free just before exiting
...
function old new delta
readprofile_main 1784 1762 -22
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 20:39:27 +02:00
Denys Vlasenko
277081e0a4
blkdiscard: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 20:20:47 +02:00
Denys Vlasenko
bf18239e3d
blkid: make it NOEXEC, make FEATURE_BLKID_TYPE=y default
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 20:16:28 +02:00
Denys Vlasenko
86e07f6893
brctl: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 20:14:02 +02:00
Denys Vlasenko
ed7d118dd0
adjtimex: make it NOFORK
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 20:00:21 +02:00
Denys Vlasenko
a894a4bedd
raidautorun: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 19:08:46 +02:00
Denys Vlasenko
1b280e4652
loadfont,setfont: make them NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 19:05:45 +02:00
Denys Vlasenko
5cb907fffc
setconsole: make it NOEXEC
...
BTW, I failed to make it do what it meant to do.
ioctl appears to succeed, but kernel's output is not coming
to the specified console (tried on VT consoles too).
OTOH, setlogcons does work...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 18:56:25 +02:00
Denys Vlasenko
b83db4ddae
setkeycodes: make it NOEXEC, better --help text
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 18:29:25 +02:00
Denys Vlasenko
341ce0a31e
setlogcons: make it NOEXEC, better --help text
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 18:17:58 +02:00
Denys Vlasenko
97b738d359
setserial: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 18:06:46 +02:00
Denys Vlasenko
2262746e2b
slattach: code shrink, better --help text
...
function old new delta
tcsetattr_serial_or_warn - 34 +34
static.int_N_SLIP - 4 +4
restore_state_and_exit 123 117 -6
packed_usage 31774 31747 -27
set_termios_state_or_warn 42 - -42
slattach_main 673 624 -49
------------------------------------------------------------------------------
(add/remove: 2/1 grow/shrink: 0/3 up/down: 38/-124) Total: -86 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 17:14:09 +02:00
Denys Vlasenko
a759b22c29
nameif: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 14:15:24 +02:00
Denys Vlasenko
9a58cc0f7f
tunctl: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 12:28:00 +02:00
Denys Vlasenko
3239ab89c9
lspci,lsscsi,lsusb: make them NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 23:28:19 +02:00
Denys Vlasenko
83a6c8d58b
umount: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 23:21:02 +02:00
Denys Vlasenko
00c1811d87
pstree: make it NOEXEC
...
While at it, documet why ps can't be NOEXEC.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 22:25:00 +02:00
Denys Vlasenko
99125c0495
chattr,lsattr,tune2fs: make them NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 20:38:04 +02:00
Denys Vlasenko
caf26b36f3
sysctl: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 18:23:10 +02:00
Denys Vlasenko
feb79e8742
cryptpw, mkpasswd: make them NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 02:08:23 +02:00
Denys Vlasenko
ff53bee723
chvt, deallocvt, dumpkmap, fgconsole, loadkmap: make them NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 02:02:31 +02:00
Denys Vlasenko
fdb92359e4
pivot_root: make it NOFORK
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 01:51:12 +02:00
Denys Vlasenko
9c49d6e11b
partprobe: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 01:46:39 +02:00
Denys Vlasenko
a453ca576f
sv, svc: make them NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 01:42:08 +02:00
Denys Vlasenko
9f59849daa
blockdev, fsfreeze, fstrim, mountpoint: make NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 01:29:12 +02:00
Denys Vlasenko
692eeb81a4
stty: make in NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 20:07:19 +02:00
Denys Vlasenko
5c527dc57e
make 17 state-changing execing applets (ex: "nice PROG ARGS") noexec
...
The applets with "<applet> [opts] PROG ARGS" API very quickly exec
another program, noexec is okay for them:
chpst/envdir/envuidgid/softlimit/setuidgid
chroot
chrt
ionice
nice
nohup
setarch/linux32/linux64
taskset
cttyhack
"reset" and "sulogin" applets don't have this form, but also exec
another program at once, thus made noexec too.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 19:55:01 +02:00