[git commit] cryptpw, mkpasswd: make them NOEXEC

Denys Vlasenko vda.linux at googlemail.com
Sat Aug 5 00:08:23 UTC 2017 

commit: https://git.busybox.net/busybox/commit/?id=feb79e8742eb3cef211804dadcc7f3ddfd154c72
branch: https://git.busybox.net/busybox/commit/?id=refs/heads/master

Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
 NOFORK_NOEXEC.lst    | 4 ++--
 loginutils/cryptpw.c | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst
index 1d23ad9..1bb571b 100644
--- a/NOFORK_NOEXEC.lst
+++ b/NOFORK_NOEXEC.lst
@@ -79,7 +79,7 @@ cp - noexec. runner
 cpio - runner
 crond - daemon
 crontab 0 leaks: open+xasprintf
-cryptpw - changes state: with --password-fd=N, moves N to stdin. Also, "rare" category. noexec candidate.
+cryptpw - noexec. changes state: with --password-fd=N, moves N to stdin
 cttyhack - noexec. spawner
 cut - noexec. runner
 date - noexec. nofork candidate(needs to stop messing up env, free xasprintf result, not use xfuncs after xasprintf)
@@ -229,7 +229,7 @@ mkfs.ext2 - needs ^C
 mkfs.minix - needs ^C
 mkfs.vfat - needs ^C
 mknod - noexec
-mkpasswd - changes state: with --password-fd=N, moves N to stdin. Also, "rare" category. noexec candidate.
+mkpasswd - noexec. changes state: with --password-fd=N, moves N to stdin
 mkswap - needs ^C
 mktemp - noexec. leaks: xstrdup+concat_path_file
 modinfo - noexec
diff --git a/loginutils/cryptpw.c b/loginutils/cryptpw.c
index f8906c5..136c619 100644
--- a/loginutils/cryptpw.c
+++ b/loginutils/cryptpw.c
@@ -24,9 +24,9 @@
 //config:	using the given salt. Debian has this utility under mkpasswd
 //config:	name. Busybox provides mkpasswd as an alias for cryptpw.
 
-//applet:IF_CRYPTPW(APPLET(cryptpw, BB_DIR_USR_BIN, BB_SUID_DROP))
-//                   APPLET_ODDNAME:name      main     location        suid_type     help
-//applet:IF_MKPASSWD(APPLET_ODDNAME(mkpasswd, cryptpw, BB_DIR_USR_BIN, BB_SUID_DROP, cryptpw))
+//applet:IF_CRYPTPW( APPLET_NOEXEC(cryptpw,  cryptpw, BB_DIR_USR_BIN, BB_SUID_DROP, cryptpw))
+//                   APPLET_NOEXEC:name      main     location        suid_type     help
+//applet:IF_MKPASSWD(APPLET_NOEXEC(mkpasswd, cryptpw, BB_DIR_USR_BIN, BB_SUID_DROP, cryptpw))
 
 //kbuild:lib-$(CONFIG_CRYPTPW) += cryptpw.o
 //kbuild:lib-$(CONFIG_MKPASSWD) += cryptpw.o

More information about the busybox-cvs mailing list