aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDenys Vlasenko <vda.linux@googlemail.com>2017-08-05 20:38:04 +0200
committerDenys Vlasenko <vda.linux@googlemail.com>2017-08-05 20:38:04 +0200
commit99125c04950a7ba2ac90dc21c3d924fe9dd95651 (patch)
tree3b8e6fb6844dbe17031b836faf6d941b4b6ccb1f
parentd3147cd5c38d9f232a9e279562129157e871d1ee (diff)
downloadbusybox-99125c04950a7ba2ac90dc21c3d924fe9dd95651.tar.gz
chattr,lsattr,tune2fs: make them NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r--NOFORK_NOEXEC.lst6
-rw-r--r--e2fsprogs/chattr.c2
-rw-r--r--e2fsprogs/lsattr.c3
-rw-r--r--e2fsprogs/tune2fs.c2
4 files changed, 7 insertions, 6 deletions
diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst
index 78d06f3f5..0b6528d94 100644
--- a/NOFORK_NOEXEC.lst
+++ b/NOFORK_NOEXEC.lst
@@ -61,7 +61,7 @@ bzip2 - runner
cal - runner: cal -n9999
cat - runner
chat - needs ^C to work
-chattr - runner
+chattr - noexec. runner
chgrp - noexec. runner
chmod - noexec. runner
chown - noexec. runner
@@ -204,7 +204,7 @@ lpd - daemon
lpq - runner
lpr - runner
ls - noexec. runner
-lsattr - runner. noexec candidate (ls is, why not this one?)
+lsattr - noexec. runner
lsmod - noexec
lsof - complex
lspci - noexec candidate, too rare to bother for nofork
@@ -366,7 +366,7 @@ truncate - NOFORK
tty - NOFORK
ttysize - NOFORK
tunctl
-tune2fs - leaks: open+xfunc
+tune2fs - noexec. leaks: open+xfunc
ubiattach
ubidetach
ubimkvol
diff --git a/e2fsprogs/chattr.c b/e2fsprogs/chattr.c
index bb870a990..76a5253b6 100644
--- a/e2fsprogs/chattr.c
+++ b/e2fsprogs/chattr.c
@@ -15,7 +15,7 @@
//config: help
//config: chattr changes the file attributes on a second extended file system.
-//applet:IF_CHATTR(APPLET(chattr, BB_DIR_BIN, BB_SUID_DROP))
+//applet:IF_CHATTR(APPLET_NOEXEC(chattr, chattr, BB_DIR_BIN, BB_SUID_DROP, chattr))
//kbuild:lib-$(CONFIG_CHATTR) += chattr.o e2fs_lib.o
diff --git a/e2fsprogs/lsattr.c b/e2fsprogs/lsattr.c
index 756d26832..56c1187c1 100644
--- a/e2fsprogs/lsattr.c
+++ b/e2fsprogs/lsattr.c
@@ -16,7 +16,8 @@
//config: help
//config: lsattr lists the file attributes on a second extended file system.
-//applet:IF_LSATTR(APPLET(lsattr, BB_DIR_BIN, BB_SUID_DROP))
+//applet:IF_LSATTR(APPLET_NOEXEC(lsattr, lsattr, BB_DIR_BIN, BB_SUID_DROP, lsattr))
+/* ls is NOEXEC, so we should be too! ;) */
//kbuild:lib-$(CONFIG_LSATTR) += lsattr.o e2fs_lib.o
diff --git a/e2fsprogs/tune2fs.c b/e2fsprogs/tune2fs.c
index 95411db5f..9f14b26ec 100644
--- a/e2fsprogs/tune2fs.c
+++ b/e2fsprogs/tune2fs.c
@@ -13,7 +13,7 @@
//config: tune2fs allows the system administrator to adjust various tunable
//config: filesystem parameters on Linux ext2/ext3 filesystems.
-//applet:IF_TUNE2FS(APPLET(tune2fs, BB_DIR_SBIN, BB_SUID_DROP))
+//applet:IF_TUNE2FS(APPLET_NOEXEC(tune2fs, tune2fs, BB_DIR_SBIN, BB_SUID_DROP, tune2fs))
//TODO alias to "tune2fs -L LABEL": //applet:IF_E2LABEL(APPLET_ODDNAME(e2label, tune2fs, BB_DIR_SBIN, BB_SUID_DROP, e2label))