[git commit] getopt: make it NOEXEC

Denys Vlasenko vda.linux at googlemail.com
Thu Aug 3 17:30:21 UTC 2017


commit: https://git.busybox.net/busybox/commit/?id=72d725d7cc6d5cd8ad6c69f7efb3b7046931395b
branch: https://git.busybox.net/busybox/commit/?id=refs/heads/master

Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
 NOFORK_NOEXEC.lst   | 26 +++++++++++++-------------
 util-linux/getopt.c |  2 +-
 2 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst
index 7073611..9fcef78 100644
--- a/NOFORK_NOEXEC.lst
+++ b/NOFORK_NOEXEC.lst
@@ -129,7 +129,7 @@ ftpd - daemon
 ftpget - runner
 ftpput - runner
 fuser - complex
-getopt
+getopt - noexec. complex (many allocs)
 getty - interactive
 grep - runner
 groups - noexec
@@ -160,16 +160,16 @@ insmod
 install - runner
 ionice - spawner
 iostat - runner
-ip
-ipaddr
-ipcalc
-ipcrm
-ipcs
-iplink
-ipneigh
-iproute
-iprule
-iptunnel
+ip - noexec candidate
+ipaddr - noexec candidate
+ipcalc - noexec candidate
+ipcrm - noexec candidate
+ipcs - noexec candidate
+iplink - noexec candidate
+ipneigh - noexec candidate
+iproute - noexec candidate
+iprule - noexec candidate
+iptunnel - noexec candidate
 kbd_mode
 kill - NOFORK
 killall - NOFORK
@@ -257,8 +257,8 @@ poweroff - rare
 powertop - interactive, longterm
 printenv - NOFORK
 printf - NOFORK
-ps
-pscan
+ps - noexec candidate
+pscan - longterm
 pstree
 pwd - NOFORK
 pwdx - NOFORK
diff --git a/util-linux/getopt.c b/util-linux/getopt.c
index cf1bc59..5fe0da7 100644
--- a/util-linux/getopt.c
+++ b/util-linux/getopt.c
@@ -47,7 +47,7 @@
 //config:	help
 //config:	Enable support for long options (option -l).
 
-//applet:IF_GETOPT(APPLET(getopt, BB_DIR_BIN, BB_SUID_DROP))
+//applet:IF_GETOPT(APPLET_NOEXEC(getopt, getopt, BB_DIR_BIN, BB_SUID_DROP, getopt))
 
 //kbuild:lib-$(CONFIG_GETOPT) += getopt.o
 


More information about the busybox-cvs mailing list