blockdev, fsfreeze, fstrim, mountpoint: make NOEXEC

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

5 files changed, 8 insertions, 8 deletions

diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst
index ad49cd809..b2f410177 100644
--- a/NOFORK_NOEXEC.lst
+++ b/NOFORK_NOEXEC.lst
@@ -51,7 +51,7 @@ basename - NOFORK
 beep
 blkdiscard
 blkid
-blockdev - noexec candidate (rather simple), leaks fd
+blockdev - noexec. leaks fd
 bootchartd - daemon
 brctl
 bunzip2 - runner
@@ -134,8 +134,8 @@ free - nofork candidate(struct globals, needs to close /proc/meminfo fd)
 freeramdisk - leaks: open+ioctl_or_perror_and_die
 fsck - interactive, longterm
 fsck.minix - needs ^C
-fsfreeze - noexec candidate (it's very simple), leaks: open+xioctl
-fstrim - noexec candidate (it's very simple), leaks: open+xioctl, find_block_device -> readdir+xstrdup
+fsfreeze - noexec. leaks: open+xioctl
+fstrim - noexec. leaks: open+xioctl, find_block_device -> readdir+xstrdup
 fsync - NOFORK
 ftpd - daemon
 ftpget - runner
@@ -236,7 +236,7 @@ modinfo - noexec
 modprobe - noexec
 more - interactive, longterm
 mount - suid
-mountpoint - noexec candidate, leaks: option -n "print dev name": find_block_device -> readdir+xstrdup
+mountpoint - noexec. leaks: option -n "print dev name": find_block_device -> readdir+xstrdup
 mpstat - noexec candidate (it's a measuring tool, putting less load by itself is good), complex
 mt - rare
 mv - noexec candidate, runner
diff --git a/util-linux/blockdev.c b/util-linux/blockdev.c
index 9e1fef206..e53ade995 100644
--- a/util-linux/blockdev.c
+++ b/util-linux/blockdev.c
@@ -11,7 +11,7 @@
 //config:       help
 //config:       Performs some ioctls with block devices.
 
-//applet:IF_BLOCKDEV(APPLET(blockdev, BB_DIR_SBIN, BB_SUID_DROP))
+//applet:IF_BLOCKDEV(APPLET_NOEXEC(blockdev, blockdev, BB_DIR_SBIN, BB_SUID_DROP, blockdev))
 
 //kbuild:lib-$(CONFIG_BLOCKDEV) += blockdev.o
 
diff --git a/util-linux/fsfreeze.c b/util-linux/fsfreeze.c
index 5c10c8044..c1f31569f 100644
--- a/util-linux/fsfreeze.c
+++ b/util-linux/fsfreeze.c
@@ -13,7 +13,7 @@
 //config:       help
 //config:       Halt new accesses and flush writes on a mounted filesystem.
 
-//applet:IF_FSFREEZE(APPLET(fsfreeze, BB_DIR_USR_SBIN, BB_SUID_DROP))
+//applet:IF_FSFREEZE(APPLET_NOEXEC(fsfreeze, fsfreeze, BB_DIR_USR_SBIN, BB_SUID_DROP, fsfreeze))
 
 //kbuild:lib-$(CONFIG_FSFREEZE) += fsfreeze.o
 
diff --git a/util-linux/fstrim.c b/util-linux/fstrim.c
index 6d0d61d92..49b3ceb72 100644
--- a/util-linux/fstrim.c
+++ b/util-linux/fstrim.c
@@ -15,7 +15,7 @@
 //config:       help
 //config:       Discard unused blocks on a mounted filesystem.
 
-//applet:IF_FSTRIM(APPLET(fstrim, BB_DIR_SBIN, BB_SUID_DROP))
+//applet:IF_FSTRIM(APPLET_NOEXEC(fstrim, fstrim, BB_DIR_SBIN, BB_SUID_DROP, fstrim))
 
 //kbuild:lib-$(CONFIG_FSTRIM) += fstrim.o
 
diff --git a/util-linux/mountpoint.c b/util-linux/mountpoint.c
index b7f048196..50772533f 100644
--- a/util-linux/mountpoint.c
+++ b/util-linux/mountpoint.c
@@ -14,7 +14,7 @@
 //config:       help
 //config:       mountpoint checks if the directory is a mountpoint.
 
-//applet:IF_MOUNTPOINT(APPLET(mountpoint, BB_DIR_BIN, BB_SUID_DROP))
+//applet:IF_MOUNTPOINT(APPLET_NOEXEC(mountpoint, mountpoint, BB_DIR_BIN, BB_SUID_DROP, mountpoint))
 
 //kbuild:lib-$(CONFIG_MOUNTPOINT) += mountpoint.o