From 5c527dc57e74c1b60c910dc1a3f3ec9683fca43d Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Fri, 4 Aug 2017 19:55:01 +0200 Subject: make 17 state-changing execing applets (ex: "nice PROG ARGS") noexec The applets with " [opts] PROG ARGS" API very quickly exec another program, noexec is okay for them: chpst/envdir/envuidgid/softlimit/setuidgid chroot chrt ionice nice nohup setarch/linux32/linux64 taskset cttyhack "reset" and "sulogin" applets don't have this form, but also exec another program at once, thus made noexec too. Signed-off-by: Denys Vlasenko --- loginutils/sulogin.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'loginutils') diff --git a/loginutils/sulogin.c b/loginutils/sulogin.c index d5a463cac..27ea5dff0 100644 --- a/loginutils/sulogin.c +++ b/loginutils/sulogin.c @@ -12,7 +12,7 @@ //config: sulogin is invoked when the system goes into single user //config: mode (this is done through an entry in inittab). -//applet:IF_SULOGIN(APPLET(sulogin, BB_DIR_SBIN, BB_SUID_DROP)) +//applet:IF_SULOGIN(APPLET_NOEXEC(sulogin, sulogin, BB_DIR_SBIN, BB_SUID_DROP, sulogin)) //kbuild:lib-$(CONFIG_SULOGIN) += sulogin.o @@ -34,7 +34,7 @@ int sulogin_main(int argc UNUSED_PARAM, char **argv) /* Note: sulogin is not a suid app. It is meant to be run by init * for single user / emergency mode. init starts it as root. - * Normal users (potentially malisious ones) can only run it under + * Normal users (potentially malicious ones) can only run it under * their UID, therefore no paranoia here is warranted: * $LD_LIBRARY_PATH in env, TTY = /dev/sda * are no more dangerous here than in e.g. cp applet. -- cgit v1.2.3