diff options
author | Denys Vlasenko <vda.linux@googlemail.com> | 2017-08-05 18:23:10 +0200 |
---|---|---|
committer | Denys Vlasenko <vda.linux@googlemail.com> | 2017-08-05 18:23:10 +0200 |
commit | caf26b36f3c11f6b5c8f8ab2bf829d14e4e6980e (patch) | |
tree | 653e7f25f818526f5b115139a924766efa41614f | |
parent | 50db1f29bf96c2ae4dbb96763793a9592d99cf02 (diff) | |
download | busybox-caf26b36f3c11f6b5c8f8ab2bf829d14e4e6980e.tar.gz |
sysctl: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r-- | NOFORK_NOEXEC.lst | 2 | ||||
-rw-r--r-- | procps/sysctl.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst index 1bb571b9c..78d06f3f5 100644 --- a/NOFORK_NOEXEC.lst +++ b/NOFORK_NOEXEC.lst @@ -341,7 +341,7 @@ swapoff - rare swapon - rare switch_root - spawner, rare, changes state (oh yes), execing may be important to free binary's inode sync - NOFORK -sysctl - noexec candidate, leaks: xstrdup+xmalloc_read +sysctl - noexec. leaks: xstrdup+xmalloc_read syslogd - daemon tac - noexec. runner tail - runner diff --git a/procps/sysctl.c b/procps/sysctl.c index a42a91247..827e09cce 100644 --- a/procps/sysctl.c +++ b/procps/sysctl.c @@ -16,7 +16,7 @@ //config: help //config: Configure kernel parameters at runtime. -//applet:IF_BB_SYSCTL(APPLET(sysctl, BB_DIR_SBIN, BB_SUID_DROP)) +//applet:IF_BB_SYSCTL(APPLET_NOEXEC(sysctl, sysctl, BB_DIR_SBIN, BB_SUID_DROP, sysctl)) //kbuild:lib-$(CONFIG_BB_SYSCTL) += sysctl.o |