diff options
| author | Denys Vlasenko <vda.linux@googlemail.com> | 2018-01-14 14:41:52 +0100 |
|---|---|---|
| committer | Denys Vlasenko <vda.linux@googlemail.com> | 2018-01-14 14:41:52 +0100 |
| commit | 88663e481f3284225ea0ceaf97f3904adedb21a2 (patch) | |
| tree | d65941d5e313bcc74b415273a3f51eecc998cc40 | |
| parent | cbdc37cae079d6b52ca39fb6c1dd6eadab48b617 (diff) | |
| download | busybox-w32-88663e481f3284225ea0ceaf97f3904adedb21a2.tar.gz busybox-w32-88663e481f3284225ea0ceaf97f3904adedb21a2.tar.bz2 busybox-w32-88663e481f3284225ea0ceaf97f3904adedb21a2.zip | |
mv: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| -rw-r--r-- | NOFORK_NOEXEC.lst | 4 | ||||
| -rw-r--r-- | coreutils/cp.c | 1 | ||||
| -rw-r--r-- | coreutils/mv.c | 3 |
3 files changed, 5 insertions, 3 deletions
diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst index 21a3b41fa..055f9fb24 100644 --- a/NOFORK_NOEXEC.lst +++ b/NOFORK_NOEXEC.lst | |||
| @@ -89,7 +89,7 @@ clear - NOFORK | |||
| 89 | cmp - runner | 89 | cmp - runner |
| 90 | comm - runner | 90 | comm - runner |
| 91 | conspy - interactive, longterm | 91 | conspy - interactive, longterm |
| 92 | cp - noexec. runner | 92 | cp - noexec. sometimes runner |
| 93 | cpio - runner | 93 | cpio - runner |
| 94 | crond - daemon | 94 | crond - daemon |
| 95 | crontab - longterm (runs $EDITOR), leaks: open+xasprintf | 95 | crontab - longterm (runs $EDITOR), leaks: open+xasprintf |
| @@ -255,7 +255,7 @@ mount - suid | |||
| 255 | mountpoint - noexec. leaks: option -n "print dev name": find_block_device -> readdir+xstrdup | 255 | mountpoint - noexec. leaks: option -n "print dev name": find_block_device -> readdir+xstrdup |
| 256 | mpstat - longterm: "mpstat 1" runs indefinitely | 256 | mpstat - longterm: "mpstat 1" runs indefinitely |
| 257 | mt - hardware | 257 | mt - hardware |
| 258 | mv - noexec candidate, runner | 258 | mv - noexec. sometimes runner |
| 259 | nameif - noexec. openlog(), leaks: config_open2+ioctl_or_perror_and_die | 259 | nameif - noexec. openlog(), leaks: config_open2+ioctl_or_perror_and_die |
| 260 | nbd-client - noexec | 260 | nbd-client - noexec |
| 261 | nc - runner | 261 | nc - runner |
diff --git a/coreutils/cp.c b/coreutils/cp.c index 5b34c27e7..05c725cd0 100644 --- a/coreutils/cp.c +++ b/coreutils/cp.c | |||
| @@ -26,6 +26,7 @@ | |||
| 26 | //config: Also add support for --parents option. | 26 | //config: Also add support for --parents option. |
| 27 | 27 | ||
| 28 | //applet:IF_CP(APPLET_NOEXEC(cp, cp, BB_DIR_BIN, BB_SUID_DROP, cp)) | 28 | //applet:IF_CP(APPLET_NOEXEC(cp, cp, BB_DIR_BIN, BB_SUID_DROP, cp)) |
| 29 | /* NOEXEC despite cases when it can be a "runner" (cp -r LARGE_DIR NEW_DIR) */ | ||
| 29 | 30 | ||
| 30 | //kbuild:lib-$(CONFIG_CP) += cp.o | 31 | //kbuild:lib-$(CONFIG_CP) += cp.o |
| 31 | 32 | ||
diff --git a/coreutils/mv.c b/coreutils/mv.c index 10cbc506f..aeafd1e40 100644 --- a/coreutils/mv.c +++ b/coreutils/mv.c | |||
| @@ -17,7 +17,8 @@ | |||
| 17 | //config: help | 17 | //config: help |
| 18 | //config: mv is used to move or rename files or directories. | 18 | //config: mv is used to move or rename files or directories. |
| 19 | 19 | ||
| 20 | //applet:IF_MV(APPLET(mv, BB_DIR_BIN, BB_SUID_DROP)) | 20 | //applet:IF_MV(APPLET_NOEXEC(mv, mv, BB_DIR_BIN, BB_SUID_DROP, mv)) |
| 21 | /* NOEXEC despite cases when it can be a "runner" (mv LARGE_DIR OTHER_FS) */ | ||
| 21 | 22 | ||
| 22 | //kbuild:lib-$(CONFIG_MV) += mv.o | 23 | //kbuild:lib-$(CONFIG_MV) += mv.o |
| 23 | 24 | ||