author | Denys Vlasenko <vda.linux@googlemail.com> | 2017-08-04 17:36:16 +0200 |
---|---|---|
committer | Denys Vlasenko <vda.linux@googlemail.com> | 2017-08-04 17:36:16 +0200 |
commit | 74c05f5b2cfde7a561e55437eb499f96864179a3 (patch) | |
tree | d2f84f2fcf5ab032a58bc37c6a0b6f0d6f273c9b | |
parent | dd5a40246b91bd5d3d165998e6ac3cc4f7083f63 (diff) | |
chat: trim help text
Noticed while auditing nofork/noexec status
function old new delta
packed_usage 31777 31747 -30
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r-- | NOFORK_NOEXEC.lst | 93 | ||||
-rw-r--r-- | miscutils/chat.c | 4 | ||||
-rw-r--r-- | util-linux/freeramdisk.c | 8 |
3 files changed, 58 insertions, 47 deletions
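--- a/NOFORK_NOEXEC.lst
+++ b/NOFORK_NOEXEC.lst
@@ -11,8 +11,8 @@ runner: sometimes may run for long(ish) time, and/or works with network:
 ^C has to work (cat BIGFILE, chmod -R, ftpget, nc)
 
 "runners" can become eligible after shell is taught ^C to interrupt NOFORKs,
-need to be inspected that they do not fall into alloc+xfunc, open+xfunc
-categories.
+need to be inspected that they do not fall into alloc+xfunc, open+xfunc,
+leak categories.
 
 Why can't be NOEXEC:
 suid: runs under different uid - must fork+exec
@@ -23,7 +23,15 @@ daemon: runs indefinitely; these are also always fit "rare" category
 longterm: often runs for a long time (many seconds), execing would make
 memory footprint smaller
 complex: no immediately obvious reason why NOFORK wouldn't work,
-but does some non-obvoius operations (example: fuser, lsof, losetup)
+but does some non-obvoius operations (example: fuser, lsof, losetup);
+detailed audit often turns out that it's a leaker
+
+Interesting example of "interactive" applet which is nevertheless can be
+(and is) NOEXEC is "rm". Yes, "rm -i" is interactive - but it's not that typical
+for users to keep it waiting for many minutes, whereas running "rm" in shell
+is very typical, and speeding up this common use via NOEXEC is useful.
+IOW: rm is "interactive", but not "longterm".
+
 
 [ - NOFORK
 [[ - NOFORK
@@ -34,9 +42,9 @@ adduser
 adjtimex
 ar - runner
 arch - NOFORK
-arp
+arp - complex, rare
 arping - runner
-ash - interactive
+ash - interactive, longterm
 awk - noexec. runner
 base64 - runner
 basename - NOFORK
@@ -52,7 +60,7 @@ bzcat - runner
 bzip2 - runner
 cal - runner: cal -n9999
 cat - runner
-chat
+chat - needs ^C to work
 chattr - runner
 chgrp - noexec. runner
 chmod - noexec. runner
@@ -77,10 +85,10 @@ cut - noexec. runner
 date - noexec. nofork candidate(needs to stop messing up env, free xasprintf result, not use xfuncs after xasprintf)
 dc - runner (eats stdin if no params)
 dd - noexec. runner
-deallocvt
+deallocvt - leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds. Also, "rare" category. Can be noexec.
 delgroup
 deluser
-depmod
+depmod - complex, rare
 devmem - runner, complex (access to device memory may hang)
 df - complex (nested allocs)
 dhcprelay - daemon
@@ -88,16 +96,16 @@ diff - runner
 dirname - NOFORK
 dmesg - runner
 dnsd - daemon
-dnsdomainname - DNS resolution may trigger, need ^C
+dnsdomainname - needs ^C (may talk to DNS servers, which may be down)
 dos2unix - noexec. runner
 dpkg - runner
 du - runner
-dumpkmap
+dumpkmap - leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds. Also, "rare" category. Can be noexec.
 dumpleases
 echo - NOFORK
-ed - interactive
-egrep - runner
-eject
+ed - interactive, longterm
+egrep - longterm runner ("CMD | egrep ..." may run indefinitely, better to exec to conserve memory)
+eject - leaks: open+ioctl_or_perror_and_die, changes state (moves fds)
 env - noexec. changes state (env)
 envdir - spawner
 envuidgid - spawner
@@ -107,24 +115,24 @@ factor - runner (eats stdin if no params)
 fakeidentd - daemon
 false - NOFORK
 fatattr - complex (xopen+xioctl can leak fd)
-fbset
-fbsplash - runner, interactive
-fdflush
-fdformat - runner
-fdisk - interactive
-fgconsole
-fgrep - runner
+fbset - leaks: open+xfunc, complex, rare
+fbsplash - runner, longterm
+fdflush - leaks: open+ioctl_or_perror_and_die, needs ^C (floppy may be unresponsive), rare
+fdformat - needs ^C (floppy may be unresponsive), longterm, rare
+fdisk - interactive, longterm
+fgconsole - leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds. Also, "rare" category. Can be noexec.
+fgrep - longterm runner ("CMD | fgrep ..." may run indefinitely, better to exec to conserve memory)
 find - noexec. runner
 findfs - suid
 flash_eraseall
 flash_lock
 flash_unlock
 flashcp
-flock
+flock - spawner, changes state (file locks)
 fold - noexec. runner
 free - nofork candidate(struct globals, needs to close /proc/meminfo fd)
-freeramdisk
-fsck - interactive
+freeramdisk - leaks: open+ioctl_or_perror_and_die
+fsck - interactive, longterm
 fsck.minix
 fsfreeze
 fstrim
@@ -134,8 +142,8 @@ ftpget - runner
 ftpput - runner
 fuser - complex
 getopt - noexec. complex (many allocs)
-getty - interactive
-grep - runner
+getty - interactive, longterm
+grep - longterm runner ("CMD | grep ..." may run indefinitely, better to exec to conserve memory)
 groups - noexec
 gunzip - runner
 gzip - runner
@@ -147,7 +155,7 @@ hexdump - noexec. runner
 hostid - NOFORK
 hostname - DNS resolution may trigger, need ^C
 httpd - daemon
-hush - interactive
+hush - interactive, longterm
 hwclock
 i2cdetect
 i2cdump
@@ -180,39 +188,39 @@ killall - NOFORK
 killall5 - NOFORK
 klogd - daemon
 last - runner (I've got 1300 lines of output when tried it)
-less - interactive
+less - interactive, longterm
 link - NOFORK
 linux32 - spawner
 linux64 - spawner
 linuxrc - daemon
 ln - noexec
 loadfont
-loadkmap
+loadkmap - leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds. Also, "rare" category. Can be noexec.
 logger - runner
-login - suid, interactive
+login - suid, interactive, longterm
 logname - NOFORK
 losetup - complex
 lpd - daemon
 lpq - runner
 lpr - runner
 ls - noexec. runner
-lsattr
+lsattr - runner. noexec candidate (ls is, why not this one?)
 lsmod - noexec
 lsof - complex
-lspci
-lsscsi
-lsusb
+lspci - noexec candidate, too rare to bother for nofork
+lsscsi - noexec candidate, too rare to bother for nofork
+lsusb - noexec candidate, too rare to bother for nofork
 lzcat - runner
 lzma - runner
 lzop - runner
 lzopcat - runner
 makedevs
 makemime - runner
-man - spawner, interactive
+man - spawner, interactive, longterm
 md5sum - noexec. runner
 mdev - daemon
 mesg
-microcom - interactive, complex
+microcom - interactive, longterm
 mkdir - NOFORK
 mkdosfs
 mke2fs
@@ -223,10 +231,10 @@ mkfs.vfat
 mknod - noexec
 mkpasswd
 mkswap
-mktemp
+mktemp - leaks: xstrdup+concat_path_file
 modinfo - noexec
 modprobe - noexec
-more - interactive
+more - interactive, longterm
 mount - suid
 mountpoint
 mpstat
@@ -305,12 +313,11 @@ setpriv - spawner
 setserial
 setsid - spawner
 setuidgid
-sh - interactive
 sha1sum - noexec. runner
 sha256sum - noexec. runner
 sha3sum - noexec. runner
 sha512sum - noexec. runner
-showkey - interactive
+showkey - interactive, longterm
 shred - runner
 shuf - noexec. runner
 slattach
@@ -342,7 +349,7 @@ tar - runner
 taskset - spawner
 tcpsvd - daemon
 tee - runner
-telnet - interactive
+telnet - interactive, longterm
 telnetd - daemon
 test - NOFORK
 tftp - runner
@@ -359,7 +366,7 @@ truncate - NOFORK
 tty - NOFORK
 ttysize - NOFORK
 tunctl
-tune2fs
+tune2fs - leaks: open+xfunc
 ubiattach
 ubidetach
 ubimkvol
@@ -387,8 +394,8 @@ users - nofork candidate(is getutxent ok?)
 usleep - NOFORK
 uudecode - runner
 uuencode - runner
-vconfig
-vi - interactive
+vconfig - leaks: xsocket+ioctl_or_perror_and_die
+vi - interactive, longterm
 vlock - suid
 volname - runner
 w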
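--- a/miscutils/chat.c
+++ b/miscutils/chat.c
@@ -82,8 +82,8 @@
 //usage: "EXPECT [SEND [EXPECT [SEND...]]]"
 //usage:#define chat_full_usage "\n\n"
 //usage: "Useful for interacting with a modem connected to stdin/stdout.\n"
-//usage: "A script consists of one or more \"expect-send\" pairs of strings,\n"
-//usage: "each pair is a pair of arguments. Example:\n"
+//usage: "A script consists of \"expect-send\" argument pairs.\n"
+//usage: "Example:\n"
 //usage: "chat '' ATZ OK ATD123456 CONNECT '' ogin: pppuser word: ppppass '~'"
 
 #include "libbb.h"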
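Review bot: The example kept on new line 87 passes the login password (`ppppass`) as a command-line argument, and the shortened help gives no hint that a running process's arguments are normally readable by other local users through process listings. Because this commit exists to shrink `packed_usage`, the caveat fits better as an ordinary source comment beside the usage block than inside the packed string, for example `// NB: the example puts a password in argv, which process listings expose`. This is a documentation point only and does not affect the trimmed strings themselves.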
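--- a/util-linux/freeramdisk.c
+++ b/util-linux/freeramdisk.c
@@ -67,8 +67,12 @@ int freeramdisk_main(int argc UNUSED_PARAM, char **argv)
 fd = xopen(single_argv(argv), O_RDWR);
 
 // Act like freeramdisk, fdflush, or both depending on configuration.
-ioctl_or_perror_and_die(fd, (ENABLE_FREERAMDISK && applet_name[1] == 'r')
-|| !ENABLE_FDFLUSH ? BLKFLSBUF : FDFLUSH, NULL, "%s", argv[1]);
+ioctl_or_perror_and_die(fd,
+((ENABLE_FREERAMDISK && applet_name[1] == 'r') || !ENABLE_FDFLUSH)
+? BLKFLSBUF
+: FDFLUSH,
+NULL, "%s", argv[1]
+);
 
 if (ENABLE_FEATURE_CLEAN_UP) close(fd);
 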
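Review bot: The descriptor returned by `xopen()` is still open if `ioctl_or_perror_and_die()` fails, because that helper (judging by its name) exits instead of returning and the `close(fd)` below is reached only on success with `ENABLE_FEATURE_CLEAN_UP` set. That is harmless while the applet runs as its own process, and it matches the "leaks: open+ioctl_or_perror_and_die" entries this commit adds to NOFORK_NOEXEC.lst for freeramdisk and fdflush, but nothing at the call site records it. A one-line comment above the reformatted call would do, for example `// NB: dies with fd still open on ioctl failure - not NOFORK-safe as written`. The body of `freeramdisk_main` starts and ends outside this hunk, so any cleanup outside the visible lines is not covered here.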