Improve STANDALONE_SHELL. "safe" applets are renamed NOEXEC applets

and now this fact is recorded in applets.h, not ash.c.

Several fixes to "--help + STANDALONE_SHELL" scenarios.

function                                             old     new   delta
run_current_applet_and_exit                            -     355    +355
arith                                               2064    2073      +9
refresh                                             1148    1156      +8
getopt32                                            1068    1073      +5
telnet_main                                         1510    1514      +4
md5_sha1_sum_main                                    565     566      +1
xstrtoul_range_sfx                                   255     251      -4
packed_usage                                       22523   22514      -9
tryexec                                              255     203     -52
static.safe_applets                                  152       -    -152
.rodata                                           131320  131128    -192
run_applet_by_name                                   869     506    -363
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 5/5 up/down: 382/-772)         Total: -390 bytes

./busybox ash -c 'i=20000; while test $i != 0; do touch z; i=$((i-1)); done'
runs more than twice as fast with STANDALONE_SHELL versus without.

5 files changed, 65 insertions, 93 deletions

diff --git a/applets/applets.c b/applets/applets.c
index 8acfd95a9..c8e85cdb1 100644
--- a/applets/applets.c
+++ b/applets/applets.c
@@ -49,7 +49,7 @@ static const char usage_messages[] =
 const unsigned short NUM_APPLETS = sizeof(applets) / sizeof(struct BB_applet) - 1;
 
 
-static struct BB_applet *current_applet;
+const struct BB_applet *current_applet;
 const char *applet_name ATTRIBUTE_EXTERNALLY_VISIBLE;
 #ifdef BB_NOMMU
 smallint re_execed;
@@ -60,14 +60,11 @@ smallint re_execed;
 #if ENABLE_FEATURE_SUID_CONFIG
 
 /* applets[] is const, so we have to define this "override" structure */
-static struct BB_suid_config
-{
-        struct BB_applet *m_applet;
-
+static struct BB_suid_config {
+        const struct BB_applet *m_applet;
         uid_t m_uid;
         gid_t m_gid;
         mode_t m_mode;
-
         struct BB_suid_config *m_next;
 } *suid_config;
 
@@ -133,7 +130,7 @@ static void parse_config_file(void)
 {
         struct BB_suid_config *sct_head;
         struct BB_suid_config *sct;
-        struct BB_applet *applet;
+        const struct BB_applet *applet;
         FILE *f;
         const char *errmsg;
         char *s;
@@ -330,7 +327,7 @@ static void parse_config_file(void)
 
 
 #if ENABLE_FEATURE_SUID
-static void check_suid(struct BB_applet *applet)
+static void check_suid(const struct BB_applet *applet)
 {
         uid_t ruid = getuid();               /* real [ug]id */
         uid_t rgid = getgid();
@@ -476,7 +473,7 @@ static int applet_name_compare(const void *name, const void *vapplet)
         return strcmp(name, applet->name);
 }
 
-struct BB_applet *find_applet_by_name(const char *name)
+const struct BB_applet *find_applet_by_name(const char *name)
 {
         /* Do a binary search to find the applet entry given the name. */
         return bsearch(name, applets, NUM_APPLETS, sizeof(struct BB_applet),
@@ -599,17 +596,21 @@ static int busybox_main(int argc, char **argv)
         bb_error_msg_and_die("applet not found");
 }
 
+void run_current_applet_and_exit(int argc, char **argv)
+{
+        applet_name = current_applet->name;
+        if (argc == 2 && !strcmp(argv[1], "--help"))
+                bb_show_usage();
+        if (ENABLE_FEATURE_SUID)
+                check_suid(current_applet);
+        exit(current_applet->main(argc, argv));
+}
+
 void run_applet_by_name(const char *name, int argc, char **argv)
 {
         current_applet = find_applet_by_name(name);
-        if (current_applet) {
-                applet_name = current_applet->name;
-                if (argc == 2 && !strcmp(argv[1], "--help"))
-                        bb_show_usage();
-                if (ENABLE_FEATURE_SUID)
-                        check_suid(current_applet);
-                exit(current_applet->main(argc, argv));
-        }
+        if (current_applet)
+                run_current_applet_and_exit(argc, argv);
         if (!strncmp(name, "busybox", 7))
                 exit(busybox_main(argc, argv));
 }
diff --git a/include/applets.h b/include/applets.h
index e8d75b7d7..f411aa258 100644
--- a/include/applets.h
+++ b/include/applets.h
@@ -27,27 +27,32 @@ s     - suid type:
 # define APPLET(name,l,s)                    int name##_main(int argc, char **argv);
 # define APPLET_NOUSAGE(name,main,l,s)       int main##_main(int argc, char **argv);
 # define APPLET_ODDNAME(name,main,l,s,name2) int main##_main(int argc, char **argv);
+# define APPLET_NOEXEC(name,main,l,s,name2)  int main##_main(int argc, char **argv);
 
 #elif defined(MAKE_USAGE) && ENABLE_FEATURE_VERBOSE_USAGE
 # define APPLET(name,l,s)                    name##_trivial_usage "\n\n" name##_full_usage "\0"
 # define APPLET_NOUSAGE(name,main,l,s)       "\b\0"
 # define APPLET_ODDNAME(name,main,l,s,name2) name2##_trivial_usage "\n\n" name2##_full_usage "\0"
+# define APPLET_NOEXEC(name,main,l,s,name2)  name2##_trivial_usage "\n\n" name2##_full_usage "\0"
 
 #elif defined(MAKE_USAGE) && !ENABLE_FEATURE_VERBOSE_USAGE
 # define APPLET(name,l,s)                    name##_trivial_usage "\0"
 # define APPLET_NOUSAGE(name,main,l,s)       "\b\0"
 # define APPLET_ODDNAME(name,main,l,s,name2) name2##_trivial_usage "\0"
+# define APPLET_NOEXEC(name,main,l,s,name2)  name2##_trivial_usage "\0"
 
 #elif defined(MAKE_LINKS)
 # define APPLET(name,l,c)                    LINK l name
 # define APPLET_NOUSAGE(name,main,l,s)       LINK l name
 # define APPLET_ODDNAME(name,main,l,s,name2) LINK l name
+# define APPLET_NOEXEC(name,main,l,s,name2)  LINK l name
 
 #else
   const struct BB_applet applets[] = { /*    name,main,location,need_suid */
 # define APPLET(name,l,s)                    {#name,name##_main,l,s},
 # define APPLET_NOUSAGE(name,main,l,s)       {#name,main##_main,l,s},
 # define APPLET_ODDNAME(name,main,l,s,name2) {#name,main##_main,l,s},
+# define APPLET_NOEXEC(name,main,l,s,name2)  {#name,main##_main,l,s,1},
 #endif
 
 #if ENABLE_INSTALL_NO_USR
@@ -55,7 +60,8 @@ s     - suid type:
 # define _BB_DIR_USR_SBIN _BB_DIR_SBIN
 #endif
 
-USE_TEST(APPLET_NOUSAGE([, test, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
+
+USE_TEST(APPLET_NOEXEC([, test, _BB_DIR_USR_BIN, _BB_SUID_NEVER, test))
 USE_TEST(APPLET_NOUSAGE([[, test, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_ADDGROUP(APPLET(addgroup, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_ADDUSER(APPLET(adduser, _BB_DIR_BIN, _BB_SUID_NEVER))
@@ -64,20 +70,20 @@ USE_AR(APPLET(ar, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_ARP(APPLET(arp, _BB_DIR_SBIN, _BB_SUID_NEVER))
 USE_ARPING(APPLET(arping, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_ASH(APPLET_NOUSAGE(ash, ash, _BB_DIR_BIN, _BB_SUID_NEVER))
-USE_AWK(APPLET(awk, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
+USE_AWK(APPLET_NOEXEC(awk, awk, _BB_DIR_USR_BIN, _BB_SUID_NEVER, awk))
 USE_BASENAME(APPLET(basename, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_BBCONFIG(APPLET(bbconfig, _BB_DIR_BIN, _BB_SUID_NEVER))
 //USE_BBSH(APPLET(bbsh, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_BUNZIP2(APPLET(bunzip2, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_BUNZIP2(APPLET_ODDNAME(bzcat, bunzip2, _BB_DIR_USR_BIN, _BB_SUID_NEVER, bzcat))
 USE_CAL(APPLET(cal, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
-USE_CAT(APPLET(cat, _BB_DIR_BIN, _BB_SUID_NEVER))
+USE_CAT(APPLET_NOEXEC(cat, cat, _BB_DIR_BIN, _BB_SUID_NEVER, cat))
 USE_CATV(APPLET(catv, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_CHATTR(APPLET(chattr, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_CHCON(APPLET(chcon, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_CHGRP(APPLET(chgrp, _BB_DIR_BIN, _BB_SUID_NEVER))
-USE_CHMOD(APPLET(chmod, _BB_DIR_BIN, _BB_SUID_NEVER))
-USE_CHOWN(APPLET(chown, _BB_DIR_BIN, _BB_SUID_NEVER))
+USE_CHMOD(APPLET_NOEXEC(chmod, chmod, _BB_DIR_BIN, _BB_SUID_NEVER, chmod))
+USE_CHOWN(APPLET_NOEXEC(chown, chown, _BB_DIR_BIN, _BB_SUID_NEVER, chown))
 USE_CHPST(APPLET(chpst, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_CHROOT(APPLET(chroot, _BB_DIR_USR_SBIN, _BB_SUID_NEVER))
 USE_CHRT(APPLET(chrt, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
@@ -86,14 +92,14 @@ USE_CKSUM(APPLET(cksum, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_CLEAR(APPLET(clear, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_CMP(APPLET(cmp, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_COMM(APPLET(comm, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
-USE_CP(APPLET(cp, _BB_DIR_BIN, _BB_SUID_NEVER))
+USE_CP(APPLET_NOEXEC(cp, cp, _BB_DIR_BIN, _BB_SUID_NEVER, cp))
 USE_CPIO(APPLET(cpio, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_CROND(APPLET(crond, _BB_DIR_USR_SBIN, _BB_SUID_NEVER))
 USE_CRONTAB(APPLET(crontab, _BB_DIR_USR_BIN, _BB_SUID_ALWAYS))
-USE_CUT(APPLET(cut, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
+USE_CUT(APPLET_NOEXEC(cut, cut, _BB_DIR_USR_BIN, _BB_SUID_NEVER, cut))
 USE_DATE(APPLET(date, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_DC(APPLET(dc, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
-USE_DD(APPLET(dd, _BB_DIR_BIN, _BB_SUID_NEVER))
+USE_DD(APPLET_NOEXEC(dd, dd, _BB_DIR_BIN, _BB_SUID_NEVER, dd))
 USE_DEALLOCVT(APPLET(deallocvt, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_DELGROUP(APPLET_ODDNAME(delgroup, deluser, _BB_DIR_BIN, _BB_SUID_NEVER, delgroup))
 USE_DELUSER(APPLET(deluser, _BB_DIR_BIN, _BB_SUID_NEVER))
@@ -112,7 +118,7 @@ USE_DUMPKMAP(APPLET(dumpkmap, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_APP_DUMPLEASES(APPLET(dumpleases, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 //USE_E2FSCK(APPLET(e2fsck, _BB_DIR_SBIN, _BB_SUID_NEVER))
 //USE_E2LABEL(APPLET_NOUSAGE(e2label, tune2fs, _BB_DIR_SBIN, _BB_SUID_NEVER))
-USE_ECHO(APPLET(echo, _BB_DIR_BIN, _BB_SUID_NEVER))
+USE_ECHO(APPLET_NOEXEC(echo, echo, _BB_DIR_BIN, _BB_SUID_NEVER, echo))
 USE_ED(APPLET(ed, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_FEATURE_GREP_EGREP_ALIAS(APPLET_NOUSAGE(egrep, grep, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_EJECT(APPLET(eject, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
@@ -128,7 +134,7 @@ USE_FDFLUSH(APPLET_ODDNAME(fdflush, freeramdisk, _BB_DIR_BIN, _BB_SUID_NEVER, fd
 USE_FDFORMAT(APPLET(fdformat, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_FDISK(APPLET(fdisk, _BB_DIR_SBIN, _BB_SUID_NEVER))
 USE_FEATURE_GREP_FGREP_ALIAS(APPLET_NOUSAGE(fgrep, grep, _BB_DIR_BIN, _BB_SUID_NEVER))
-USE_FIND(APPLET(find, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
+USE_FIND(APPLET_NOEXEC(find, find, _BB_DIR_USR_BIN, _BB_SUID_NEVER, find))
 //USE_FINDFS(APPLET_NOUSAGE(findfs, tune2fs, _BB_DIR_SBIN, _BB_SUID_NEVER))
 USE_FOLD(APPLET(fold, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_FREE(APPLET(free, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
@@ -150,7 +156,7 @@ USE_GZIP(APPLET(gzip, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_HALT(APPLET(halt, _BB_DIR_SBIN, _BB_SUID_NEVER))
 USE_HDPARM(APPLET(hdparm, _BB_DIR_SBIN, _BB_SUID_NEVER))
 USE_HEAD(APPLET(head, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
-USE_HEXDUMP(APPLET(hexdump, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
+USE_HEXDUMP(APPLET_NOEXEC(hexdump, hexdump, _BB_DIR_USR_BIN, _BB_SUID_NEVER, hexdump))
 USE_HOSTID(APPLET(hostid, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_HOSTNAME(APPLET(hostname, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_HTTPD(APPLET(httpd, _BB_DIR_USR_SBIN, _BB_SUID_NEVER))
@@ -184,7 +190,7 @@ USE_LESS(APPLET(less, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_SETARCH(APPLET_NOUSAGE(linux32, setarch, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_SETARCH(APPLET_NOUSAGE(linux64, setarch, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_FEATURE_INITRD(APPLET_NOUSAGE(linuxrc, init, _BB_DIR_ROOT, _BB_SUID_NEVER))
-USE_LN(APPLET(ln, _BB_DIR_BIN, _BB_SUID_NEVER))
+USE_LN(APPLET_NOEXEC(ln, ln, _BB_DIR_BIN, _BB_SUID_NEVER, ln))
 USE_LOAD_POLICY(APPLET(load_policy, _BB_DIR_USR_SBIN, _BB_SUID_NEVER))
 USE_LOADFONT(APPLET(loadfont, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_LOADKMAP(APPLET(loadkmap, _BB_DIR_SBIN, _BB_SUID_NEVER))
@@ -193,7 +199,7 @@ USE_LOGIN(APPLET(login, _BB_DIR_BIN, _BB_SUID_ALWAYS))
 USE_LOGNAME(APPLET(logname, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_LOGREAD(APPLET(logread, _BB_DIR_SBIN, _BB_SUID_NEVER))
 USE_LOSETUP(APPLET(losetup, _BB_DIR_SBIN, _BB_SUID_NEVER))
-USE_LS(APPLET(ls, _BB_DIR_BIN, _BB_SUID_NEVER))
+USE_LS(APPLET_NOEXEC(ls, ls, _BB_DIR_BIN, _BB_SUID_NEVER, ls))
 USE_LSATTR(APPLET(lsattr, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_LSMOD(APPLET(lsmod, _BB_DIR_SBIN, _BB_SUID_NEVER))
 USE_UNLZMA(APPLET_ODDNAME(lzmacat, unlzma, _BB_DIR_USR_BIN, _BB_SUID_NEVER, lzmacat))
@@ -202,7 +208,7 @@ USE_MAKEDEVS(APPLET(makedevs, _BB_DIR_SBIN, _BB_SUID_NEVER))
 USE_MD5SUM(APPLET_ODDNAME(md5sum, md5_sha1_sum, _BB_DIR_USR_BIN, _BB_SUID_NEVER, md5sum))
 USE_MDEV(APPLET(mdev, _BB_DIR_SBIN, _BB_SUID_NEVER))
 USE_MESG(APPLET(mesg, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
-USE_MKDIR(APPLET(mkdir, _BB_DIR_BIN, _BB_SUID_NEVER))
+USE_MKDIR(APPLET_NOEXEC(mkdir, mkdir, _BB_DIR_BIN, _BB_SUID_NEVER, mkdir))
 //USE_MKE2FS(APPLET(mke2fs, _BB_DIR_SBIN, _BB_SUID_NEVER))
 USE_MKFIFO(APPLET(mkfifo, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 //USE_MKE2FS(APPLET_NOUSAGE(mkfs.ext2, mke2fs, _BB_DIR_SBIN, _BB_SUID_NEVER))
@@ -249,7 +255,7 @@ USE_HALT(APPLET_ODDNAME(reboot, halt, _BB_DIR_SBIN, _BB_SUID_NEVER, reboot))
 USE_RENICE(APPLET(renice, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_RESET(APPLET(reset, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_RESIZE(APPLET(resize, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
-USE_RM(APPLET(rm, _BB_DIR_BIN, _BB_SUID_NEVER))
+USE_RM(APPLET_NOEXEC(rm, rm, _BB_DIR_BIN, _BB_SUID_NEVER, rm))
 USE_RMDIR(APPLET(rmdir, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_RMMOD(APPLET(rmmod, _BB_DIR_SBIN, _BB_SUID_NEVER))
 USE_ROUTE(APPLET(route, _BB_DIR_SBIN, _BB_SUID_NEVER))
@@ -278,7 +284,7 @@ USE_FEATURE_SH_IS_MSH(APPLET_NOUSAGE(sh, msh, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_SHA1SUM(APPLET_ODDNAME(sha1sum, md5_sha1_sum, _BB_DIR_USR_BIN, _BB_SUID_NEVER, sha1sum))
 USE_SLEEP(APPLET(sleep, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_SOFTLIMIT(APPLET_ODDNAME(softlimit, chpst, _BB_DIR_USR_BIN, _BB_SUID_NEVER, softlimit))
-USE_SORT(APPLET(sort, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
+USE_SORT(APPLET_NOEXEC(sort, sort, _BB_DIR_USR_BIN, _BB_SUID_NEVER, sort))
 USE_SPLIT(APPLET(split, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_START_STOP_DAEMON(APPLET_ODDNAME(start-stop-daemon, start_stop_daemon, _BB_DIR_SBIN, _BB_SUID_NEVER, start_stop_daemon))
 USE_STAT(APPLET(stat, _BB_DIR_BIN, _BB_SUID_NEVER))
@@ -302,13 +308,13 @@ USE_TCPSVD(APPLET_ODDNAME(tcpsvd, tcpudpsvd, _BB_DIR_USR_BIN, _BB_SUID_NEVER, tc
 USE_TEE(APPLET(tee, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_TELNET(APPLET(telnet, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_TELNETD(APPLET(telnetd, _BB_DIR_USR_SBIN, _BB_SUID_NEVER))
-USE_TEST(APPLET(test, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
+USE_TEST(APPLET_NOEXEC(test, test, _BB_DIR_USR_BIN, _BB_SUID_NEVER, test))
 #if ENABLE_FEATURE_TFTP_GET || ENABLE_FEATURE_TFTP_PUT
 USE_TFTP(APPLET(tftp, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 #endif
 USE_TIME(APPLET(time, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_TOP(APPLET(top, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
-USE_TOUCH(APPLET(touch, _BB_DIR_BIN, _BB_SUID_NEVER))
+USE_TOUCH(APPLET_NOEXEC(touch, touch, _BB_DIR_BIN, _BB_SUID_NEVER, touch))
 USE_TR(APPLET(tr, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_TRACEROUTE(APPLET(traceroute, _BB_DIR_USR_BIN, _BB_SUID_MAYBE))
 USE_TRUE(APPLET(true, _BB_DIR_BIN, _BB_SUID_NEVER))
@@ -338,17 +344,17 @@ USE_WGET(APPLET(wget, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_WHICH(APPLET(which, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_WHO(APPLET(who, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_WHOAMI(APPLET(whoami, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
-USE_XARGS(APPLET(xargs, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
+USE_XARGS(APPLET_NOEXEC(xargs, xargs, _BB_DIR_USR_BIN, _BB_SUID_NEVER, xargs))
 USE_YES(APPLET(yes, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_GUNZIP(APPLET_ODDNAME(zcat, gunzip, _BB_DIR_BIN, _BB_SUID_NEVER, zcat))
 USE_ZCIP(APPLET(zcip, _BB_DIR_SBIN, _BB_SUID_NEVER))
 
 #if !defined(PROTOTYPES) && !defined(MAKE_USAGE)
-        { 0,NULL,0,0 }
+        { 0, NULL, 0, 0 }
 };
-
 #endif
 
 #undef APPLET
 #undef APPLET_NOUSAGE
 #undef APPLET_ODDNAME
+#undef APPLET_NOEXEC
diff --git a/include/busybox.h b/include/busybox.h
index 988137497..6f4808778 100644
--- a/include/busybox.h
+++ b/include/busybox.h
@@ -27,8 +27,15 @@ enum SUIDRoot {
 struct BB_applet {
         const char *name;
         int (*main) (int argc, char **argv);
-        __extension__ enum Location location:4;
-        __extension__ enum SUIDRoot need_suid:4;
+        __extension__ enum Location location:8;
+        __extension__ enum SUIDRoot need_suid:8;
+        /* true if instead if fork(); exec("applet"); waitpid();
+         * one can do fork(); exit(applet_main(argc,argv)); waitpid(); */
+        unsigned char noexec;
+        /* Even nicer */
+        /* true if instead if fork(); exec("applet"); waitpid();
+         * one can simply call applet_main(argc,argv); */
+        unsigned char nofork;
 };
 
 /* Defined in applet.c */
diff --git a/include/libbb.h b/include/libbb.h
index 8f43aeafc..4fc5d183f 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -662,9 +662,11 @@ const struct hwtype *get_hwntype(int type);
 
 
 #ifndef BUILD_INDIVIDUAL
-extern struct BB_applet *find_applet_by_name(const char *name);
+struct BB_applet;
+extern const struct BB_applet *find_applet_by_name(const char *name);
 /* Returns only if applet is not found. */
 extern void run_applet_by_name(const char *name, int argc, char **argv);
+extern void run_current_applet_and_exit(int argc, char **argv) ATTRIBUTE_NORETURN;
 #endif
 
 extern int match_fstype(const struct mntent *mt, const char *fstypes);
@@ -870,6 +872,7 @@ enum {	/* DO NOT CHANGE THESE VALUES!  cp.c, mv.c, install.c depend on them. */
 };
 
 #define FILEUTILS_CP_OPTSTR "pdRfils" USE_SELINUX("c")
+extern const struct BB_applet *current_applet;
 extern const char *applet_name;
 extern const char BB_BANNER[];
 
diff --git a/shell/ash.c b/shell/ash.c
index 950cdaa02..f98fc4178 100644
--- a/shell/ash.c
+++ b/shell/ash.c
@@ -6468,43 +6468,6 @@ casematch(union node *pattern, char *val)
 
 /* ============ find_command */
 
-#if ENABLE_FEATURE_SH_STANDALONE_SHELL
-static int
-is_safe_applet(char *name)
-{
-        /* It isn't a bug to have non-existent applet here... */
-        /* ...just a waste of space... */
-        static const char safe_applets[][8] = {
-                "["
-                USE_AWK    (, "awk"    )
-                USE_CAT    (, "cat"    )
-                USE_CHMOD  (, "chmod"  )
-                USE_CHOWN  (, "chown"  )
-                USE_CP     (, "cp"     )
-                USE_CUT    (, "cut"    )
-                USE_DD     (, "dd"     )
-                USE_ECHO   (, "echo"   )
-                USE_FIND   (, "find"   )
-                USE_HEXDUMP(, "hexdump")
-                USE_LN     (, "ln"     )
-                USE_LS     (, "ls"     )
-                USE_MKDIR  (, "mkdir"  )
-                USE_RM     (, "rm"     )
-                USE_SORT   (, "sort"   )
-                USE_TEST   (, "test"   )
-                USE_TOUCH  (, "touch"  )
-                USE_XARGS  (, "xargs"  )
-        };
-        int n = sizeof(safe_applets) / sizeof(safe_applets[0]);
-        int i;
-        for (i = 0; i < n; i++)
-                if (strcmp(safe_applets[i], name) == 0)
-                        return 1;
-
-        return 0;
-}
-#endif
-
 struct builtincmd {
         const char *name;
         int (*builtin)(int, char **);
@@ -6570,17 +6533,15 @@ tryexec(char *cmd, char **argv, char **envp)
 
 #if ENABLE_FEATURE_SH_STANDALONE_SHELL
         if (strchr(cmd, '/') == NULL) {
-                struct BB_applet *a;
-                char **c;
+                const struct BB_applet *a;
 
                 a = find_applet_by_name(cmd);
                 if (a) {
-                        if (is_safe_applet(cmd)) {
-                                c = argv;
-                                while (*c)
-                                        c++;
-                                applet_name = cmd;
-                                exit(a->main(c - argv, argv));
+                        if (a->noexec) {
+                                char **c = argv;
+                                while (*c) c++;
+                                current_applet = a;
+                                run_current_applet_and_exit(c - argv, argv);
                         }
                         /* re-exec ourselves with the new arguments */
                         execve(CONFIG_BUSYBOX_EXEC_PATH, argv, envp);
@@ -6608,7 +6569,7 @@ tryexec(char *cmd, char **argv, char **envp)
                         ;
                 ap = new = ckmalloc((ap - argv + 2) * sizeof(char *));
                 ap[1] = cmd;
-                *ap = cmd = (char *)DEFAULT_SHELL;
+                ap[0] = cmd = (char *)DEFAULT_SHELL;
                 ap += 2;
                 argv++;
                 while ((*ap++ = *argv++))
@@ -11161,12 +11122,6 @@ find_command(char *name, struct cmdentry *entry, int act, const char *path)
                 entry->u.index = -1;
                 return;
         }
-        /* Already caught above
-        if (is_safe_applet(name)) {
-                entry->cmdtype = CMDNORMAL;
-                entry->u.index = -1;
-                return;
-        }*/
 #endif
 
         updatetbl = (path == pathval());