Safe applets (was: RE: ls -l segfault + [PATCH])
Denis Vlasenko
vda.linux at googlemail.com
Tue Mar 20 19:38:17 UTC 2007
On Tuesday 20 March 2007 07:04, Jan Evert van Grootheest wrote:
> > I mostly is worrying how to prevent such bugs from reappearing.
> >
> > The problem is that it is very easy to forget that applet
> > is a safe one and thus whoever is hacking on it
> > should be extra careful.
> >
> > Adding /* THIS IS A "SAFE" APPLET, BE CAREFUL! */
> > seems to be some sort of a solution, but I bet people will
> > overlook it.
> >
> > Will try it with ls.c and see...
>
> What other requirements are there for safe applets?
> Is that documented anywhere?
Not exactly. Actually, safe applets appeared rather unexpectedly
(it was at external patch).
But basically, the picture is as follows: suppose sed is a safe applet.
In this script:
while read line; do
echo "$line" | sed 's/foo/bar/g'
done
for each iteration ash will fork but _will not_ exec_ sed_,
but call exit(sed_init()).
IOW: safe applet should work correctly if its main() is
called from ash. This is basically current requirement.
--
vda
More information about the busybox
mailing list