[PATCH] Marked some more applets NOEXEC/NOFORK

Dan Fandrich dan at coneharvesters.com
Thu Sep 30 21:33:45 UTC 2010


Signed-off-by: Dan Fandrich <dan at coneharvesters.com>
---
 coreutils/cksum.c        |    2 ++
 coreutils/dos2unix.c     |    2 ++
 coreutils/fold.c         |    2 ++
 coreutils/head.c         |    2 ++
 coreutils/id.c           |    2 ++
 coreutils/md5_sha1_sum.c |    2 ++
 coreutils/mkfifo.c       |    2 ++
 coreutils/mknod.c        |    2 ++
 coreutils/printenv.c     |    2 ++
 include/applets.src.h    |   24 ++++++++++++------------
 10 files changed, 30 insertions(+), 12 deletions(-)

diff --git a/coreutils/cksum.c b/coreutils/cksum.c
index 8e7800e..7bf383e 100644
--- a/coreutils/cksum.c
+++ b/coreutils/cksum.c
@@ -8,6 +8,8 @@
  */
 #include "libbb.h"
 
+/* This is a NOEXEC applet. Be very careful! */
+
 int cksum_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
 int cksum_main(int argc UNUSED_PARAM, char **argv)
 {
diff --git a/coreutils/dos2unix.c b/coreutils/dos2unix.c
index 626c414..ba1ca8c 100644
--- a/coreutils/dos2unix.c
+++ b/coreutils/dos2unix.c
@@ -14,6 +14,8 @@
 
 #include "libbb.h"
 
+/* This is a NOEXEC applet. Be very careful! */
+
 enum {
 	CT_UNIX2DOS = 1,
 	CT_DOS2UNIX
diff --git a/coreutils/fold.c b/coreutils/fold.c
index 54f1aa2..4a6429a 100644
--- a/coreutils/fold.c
+++ b/coreutils/fold.c
@@ -12,6 +12,8 @@
 #include "libbb.h"
 #include "unicode.h"
 
+/* This is a NOEXEC applet. Be very careful! */
+
 /* Must match getopt32 call */
 #define FLAG_COUNT_BYTES        1
 #define FLAG_BREAK_SPACES       2
diff --git a/coreutils/head.c b/coreutils/head.c
index 0845b43..669aae8 100644
--- a/coreutils/head.c
+++ b/coreutils/head.c
@@ -13,6 +13,8 @@
 
 #include "libbb.h"
 
+/* This is a NOEXEC applet. Be very careful! */
+
 static const char head_opts[] ALIGN1 =
 	"n:"
 #if ENABLE_FEATURE_FANCY_HEAD
diff --git a/coreutils/id.c b/coreutils/id.c
index 56286f4..ed1dc86 100644
--- a/coreutils/id.c
+++ b/coreutils/id.c
@@ -17,6 +17,8 @@
 
 #include "libbb.h"
 
+/* This is a NOEXEC applet. Be very careful! */
+
 #if !ENABLE_USE_BB_PWD_GRP
 #if defined(__UCLIBC_MAJOR__) && (__UCLIBC_MAJOR__ == 0)
 #if (__UCLIBC_MINOR__ < 9) || (__UCLIBC_MINOR__ == 9 &&  __UCLIBC_SUBLEVEL__ < 30)
diff --git a/coreutils/md5_sha1_sum.c b/coreutils/md5_sha1_sum.c
index 646f8bd..5e36d39 100644
--- a/coreutils/md5_sha1_sum.c
+++ b/coreutils/md5_sha1_sum.c
@@ -8,6 +8,8 @@
 
 #include "libbb.h"
 
+/* This is a NOEXEC applet. Be very careful! */
+
 typedef enum {
 	/* 4th letter of applet_name is... */
 	HASH_MD5 = 's', /* "md5>s<um" */
diff --git a/coreutils/mkfifo.c b/coreutils/mkfifo.c
index 41aedd0..4388cca 100644
--- a/coreutils/mkfifo.c
+++ b/coreutils/mkfifo.c
@@ -13,6 +13,8 @@
 #include "libbb.h"
 #include "libcoreutils/coreutils.h"
 
+/* This is a NOEXEC applet. Be very careful! */
+
 int mkfifo_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
 int mkfifo_main(int argc UNUSED_PARAM, char **argv)
 {
diff --git a/coreutils/mknod.c b/coreutils/mknod.c
index 0e5542d..14d91b5 100644
--- a/coreutils/mknod.c
+++ b/coreutils/mknod.c
@@ -14,6 +14,8 @@
 #include "libbb.h"
 #include "libcoreutils/coreutils.h"
 
+/* This is a NOEXEC applet. Be very careful! */
+
 static const char modes_chars[] ALIGN1 = { 'p', 'c', 'u', 'b', 0, 1, 1, 2 };
 static const mode_t modes_cubp[] = { S_IFIFO, S_IFCHR, S_IFBLK };
 
diff --git a/coreutils/printenv.c b/coreutils/printenv.c
index d38f8fb..33be5c0 100644
--- a/coreutils/printenv.c
+++ b/coreutils/printenv.c
@@ -10,6 +10,8 @@
 
 #include "libbb.h"
 
+/* This is a NOFORK applet. Be very careful! */
+
 int printenv_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
 int printenv_main(int argc UNUSED_PARAM, char **argv)
 {
diff --git a/include/applets.src.h b/include/applets.src.h
index 106b720..c13507a 100644
--- a/include/applets.src.h
+++ b/include/applets.src.h
@@ -94,7 +94,7 @@ IF_CHPST(APPLET(chpst, _BB_DIR_USR_BIN, _BB_SUID_DROP))
 IF_CHROOT(APPLET(chroot, _BB_DIR_USR_SBIN, _BB_SUID_DROP))
 IF_CHRT(APPLET(chrt, _BB_DIR_USR_BIN, _BB_SUID_DROP))
 IF_CHVT(APPLET(chvt, _BB_DIR_USR_BIN, _BB_SUID_DROP))
-IF_CKSUM(APPLET(cksum, _BB_DIR_USR_BIN, _BB_SUID_DROP))
+IF_CKSUM(APPLET_NOEXEC(cksum, cksum, _BB_DIR_USR_BIN, _BB_SUID_DROP, cksum))
 IF_CLEAR(APPLET(clear, _BB_DIR_USR_BIN, _BB_SUID_DROP))
 IF_CMP(APPLET(cmp, _BB_DIR_USR_BIN, _BB_SUID_DROP))
 IF_COMM(APPLET(comm, _BB_DIR_USR_BIN, _BB_SUID_DROP))
@@ -152,7 +152,7 @@ IF_FLASH_LOCK(APPLET_ODDNAME(flash_lock, flash_lock_unlock, _BB_DIR_USR_SBIN, _B
 IF_FLASH_UNLOCK(APPLET_ODDNAME(flash_unlock, flash_lock_unlock, _BB_DIR_USR_SBIN, _BB_SUID_DROP, flash_unlock))
 IF_FLASHCP(APPLET(flashcp, _BB_DIR_USR_SBIN, _BB_SUID_DROP))
 IF_FLOCK(APPLET(flock, _BB_DIR_USR_BIN, _BB_SUID_DROP))
-IF_FOLD(APPLET(fold, _BB_DIR_USR_BIN, _BB_SUID_DROP))
+IF_FOLD(APPLET_NOEXEC(fold, fold, _BB_DIR_USR_BIN, _BB_SUID_DROP, fold))
 IF_FREE(APPLET(free, _BB_DIR_USR_BIN, _BB_SUID_DROP))
 IF_FREERAMDISK(APPLET(freeramdisk, _BB_DIR_SBIN, _BB_SUID_DROP))
 IF_FSCK(APPLET(fsck, _BB_DIR_SBIN, _BB_SUID_DROP))
@@ -173,13 +173,13 @@ IF_GZIP(APPLET(gzip, _BB_DIR_BIN, _BB_SUID_DROP))
 IF_HALT(APPLET(halt, _BB_DIR_SBIN, _BB_SUID_DROP))
 IF_HD(APPLET_NOEXEC(hd, hexdump, _BB_DIR_USR_BIN, _BB_SUID_DROP, hd))
 IF_HDPARM(APPLET(hdparm, _BB_DIR_SBIN, _BB_SUID_DROP))
-IF_HEAD(APPLET(head, _BB_DIR_USR_BIN, _BB_SUID_DROP))
+IF_HEAD(APPLET_NOEXEC(head, head, _BB_DIR_USR_BIN, _BB_SUID_DROP, head))
 IF_HEXDUMP(APPLET_NOEXEC(hexdump, hexdump, _BB_DIR_USR_BIN, _BB_SUID_DROP, hexdump))
 IF_HOSTID(APPLET_NOFORK(hostid, hostid, _BB_DIR_USR_BIN, _BB_SUID_DROP, hostid))
 IF_HOSTNAME(APPLET(hostname, _BB_DIR_BIN, _BB_SUID_DROP))
 IF_HTTPD(APPLET(httpd, _BB_DIR_USR_SBIN, _BB_SUID_DROP))
 IF_HWCLOCK(APPLET(hwclock, _BB_DIR_SBIN, _BB_SUID_DROP))
-IF_ID(APPLET(id, _BB_DIR_USR_BIN, _BB_SUID_DROP))
+IF_ID(APPLET_NOEXEC(id, id, _BB_DIR_USR_BIN, _BB_SUID_DROP, id))
 IF_IFCONFIG(APPLET(ifconfig, _BB_DIR_SBIN, _BB_SUID_DROP))
 IF_IFUPDOWN(APPLET_ODDNAME(ifdown, ifupdown, _BB_DIR_SBIN, _BB_SUID_DROP, ifdown))
 IF_IFENSLAVE(APPLET(ifenslave, _BB_DIR_SBIN, _BB_SUID_DROP))
@@ -244,20 +244,20 @@ IF_MAKEDEVS(APPLET(makedevs, _BB_DIR_SBIN, _BB_SUID_DROP))
 IF_MAKEMIME(APPLET(makemime, _BB_DIR_BIN, _BB_SUID_DROP))
 IF_MAN(APPLET(man, _BB_DIR_SBIN, _BB_SUID_DROP))
 IF_MATCHPATHCON(APPLET(matchpathcon, _BB_DIR_USR_SBIN, _BB_SUID_DROP))
-IF_MD5SUM(APPLET_ODDNAME(md5sum, md5_sha1_sum, _BB_DIR_USR_BIN, _BB_SUID_DROP, md5sum))
+IF_MD5SUM(APPLET_NOEXEC(md5sum, md5_sha1_sum, _BB_DIR_USR_BIN, _BB_SUID_DROP, md5sum))
 IF_MDEV(APPLET(mdev, _BB_DIR_SBIN, _BB_SUID_DROP))
 IF_MESG(APPLET(mesg, _BB_DIR_USR_BIN, _BB_SUID_DROP))
 IF_MICROCOM(APPLET(microcom, _BB_DIR_USR_BIN, _BB_SUID_DROP))
 IF_MKDIR(APPLET_NOFORK(mkdir, mkdir, _BB_DIR_BIN, _BB_SUID_DROP, mkdir))
 IF_MKFS_VFAT(APPLET_ODDNAME(mkdosfs, mkfs_vfat, _BB_DIR_SBIN, _BB_SUID_DROP, mkfs_vfat))
 IF_MKFS_EXT2(APPLET_ODDNAME(mke2fs, mkfs_ext2, _BB_DIR_SBIN, _BB_SUID_DROP, mkfs_ext2))
-IF_MKFIFO(APPLET(mkfifo, _BB_DIR_USR_BIN, _BB_SUID_DROP))
+IF_MKFIFO(APPLET_NOEXEC(mkfifo, mkfifo, _BB_DIR_USR_BIN, _BB_SUID_DROP, mkfifo))
 IF_MKFS_EXT2(APPLET_ODDNAME(mkfs.ext2, mkfs_ext2, _BB_DIR_SBIN, _BB_SUID_DROP, mkfs_ext2))
 //IF_MKE2FS(APPLET_ODDNAME(mkfs.ext3, mke2fs, _BB_DIR_SBIN, _BB_SUID_DROP, mkfs_ext3))
 IF_MKFS_MINIX(APPLET_ODDNAME(mkfs.minix, mkfs_minix, _BB_DIR_SBIN, _BB_SUID_DROP, mkfs_minix))
 IF_MKFS_REISER(APPLET_ODDNAME(mkfs.reiser, mkfs_reiser, _BB_DIR_SBIN, _BB_SUID_DROP, mkfs_reiser))
 IF_MKFS_VFAT(APPLET_ODDNAME(mkfs.vfat, mkfs_vfat, _BB_DIR_SBIN, _BB_SUID_DROP, mkfs_vfat))
-IF_MKNOD(APPLET(mknod, _BB_DIR_BIN, _BB_SUID_DROP))
+IF_MKNOD(APPLET_NOEXEC(mknod, mknod, _BB_DIR_BIN, _BB_SUID_DROP, mknod))
 IF_CRYPTPW(APPLET_ODDNAME(mkpasswd, cryptpw, _BB_DIR_USR_BIN, _BB_SUID_DROP, mkpasswd))
 IF_MKSWAP(APPLET(mkswap, _BB_DIR_SBIN, _BB_SUID_DROP))
 IF_MKTEMP(APPLET(mktemp, _BB_DIR_BIN, _BB_SUID_DROP))
@@ -290,7 +290,7 @@ IF_PIVOT_ROOT(APPLET(pivot_root, _BB_DIR_SBIN, _BB_SUID_DROP))
 IF_PKILL(APPLET_ODDNAME(pkill, pgrep, _BB_DIR_USR_BIN, _BB_SUID_DROP, pkill))
 IF_POPMAILDIR(APPLET(popmaildir, _BB_DIR_USR_SBIN, _BB_SUID_DROP))
 IF_HALT(APPLET_ODDNAME(poweroff, halt, _BB_DIR_SBIN, _BB_SUID_DROP, poweroff))
-IF_PRINTENV(APPLET(printenv, _BB_DIR_BIN, _BB_SUID_DROP))
+IF_PRINTENV(APPLET_NOFORK(printenv, printenv, _BB_DIR_BIN, _BB_SUID_DROP, printenv))
 IF_PRINTF(APPLET_NOFORK(printf, printf, _BB_DIR_USR_BIN, _BB_SUID_DROP, printf))
 IF_PS(APPLET(ps, _BB_DIR_BIN, _BB_SUID_DROP))
 IF_PSCAN(APPLET(pscan, _BB_DIR_USR_BIN, _BB_SUID_DROP))
@@ -340,9 +340,9 @@ IF_SETLOGCONS(APPLET(setlogcons, _BB_DIR_USR_SBIN, _BB_SUID_DROP))
 IF_SETSEBOOL(APPLET(setsebool, _BB_DIR_USR_SBIN, _BB_SUID_DROP))
 IF_SETSID(APPLET(setsid, _BB_DIR_USR_BIN, _BB_SUID_DROP))
 IF_SETUIDGID(APPLET_ODDNAME(setuidgid, chpst, _BB_DIR_USR_BIN, _BB_SUID_DROP, setuidgid))
-IF_SHA1SUM(APPLET_ODDNAME(sha1sum, md5_sha1_sum, _BB_DIR_USR_BIN, _BB_SUID_DROP, sha1sum))
-IF_SHA256SUM(APPLET_ODDNAME(sha256sum, md5_sha1_sum, _BB_DIR_USR_BIN, _BB_SUID_DROP, sha256sum))
-IF_SHA512SUM(APPLET_ODDNAME(sha512sum, md5_sha1_sum, _BB_DIR_USR_BIN, _BB_SUID_DROP, sha512sum))
+IF_SHA1SUM(APPLET_NOEXEC(sha1sum, md5_sha1_sum, _BB_DIR_USR_BIN, _BB_SUID_DROP, sha1sum))
+IF_SHA256SUM(APPLET_NOEXEC(sha256sum, md5_sha1_sum, _BB_DIR_USR_BIN, _BB_SUID_DROP, sha256sum))
+IF_SHA512SUM(APPLET_NOEXEC(sha512sum, md5_sha1_sum, _BB_DIR_USR_BIN, _BB_SUID_DROP, sha512sum))
 IF_SHOWKEY(APPLET(showkey, _BB_DIR_USR_BIN, _BB_SUID_DROP))
 IF_SLATTACH(APPLET(slattach, _BB_DIR_SBIN, _BB_SUID_DROP))
 /* Do not make this applet NOFORK. It breaks ^C-ing of pauses in shells */
@@ -399,7 +399,7 @@ IF_UNAME(APPLET(uname, _BB_DIR_BIN, _BB_SUID_DROP))
 IF_UNCOMPRESS(APPLET(uncompress, _BB_DIR_BIN, _BB_SUID_DROP))
 IF_UNEXPAND(APPLET_ODDNAME(unexpand, expand, _BB_DIR_USR_BIN, _BB_SUID_DROP, unexpand))
 IF_UNIQ(APPLET(uniq, _BB_DIR_USR_BIN, _BB_SUID_DROP))
-IF_UNIX2DOS(APPLET_ODDNAME(unix2dos, dos2unix, _BB_DIR_USR_BIN, _BB_SUID_DROP, unix2dos))
+IF_UNIX2DOS(APPLET_NOEXEC(unix2dos, dos2unix, _BB_DIR_USR_BIN, _BB_SUID_DROP, unix2dos))
 IF_UNXZ(APPLET(unxz, _BB_DIR_USR_BIN, _BB_SUID_DROP))
 IF_UNLZMA(APPLET(unlzma, _BB_DIR_USR_BIN, _BB_SUID_DROP))
 IF_LZOP(APPLET_ODDNAME(unlzop, lzop, _BB_DIR_USR_BIN, _BB_SUID_DROP, unlzop))
-- 
1.5.3.2



More information about the busybox mailing list