sysctl: make it NOEXEC

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
author: Denys Vlasenko <vda.linux@googlemail.com> 2017-08-05 18:23:10 +0200
committer: Denys Vlasenko <vda.linux@googlemail.com> 2017-08-05 18:23:10 +0200
commit: caf26b36f3c11f6b5c8f8ab2bf829d14e4e6980e (patch)
tree: 653e7f25f818526f5b115139a924766efa41614f
parent: 50db1f29bf96c2ae4dbb96763793a9592d99cf02 (diff)
download: busybox-w32-caf26b36f3c11f6b5c8f8ab2bf829d14e4e6980e.tar.gz
busybox-w32-caf26b36f3c11f6b5c8f8ab2bf829d14e4e6980e.tar.bz2
busybox-w32-caf26b36f3c11f6b5c8f8ab2bf829d14e4e6980e.zip
2 files changed, 2 insertions, 2 deletions
diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst
index 1bb571b9c..78d06f3f5 100644
--- a/NOFORK_NOEXEC.lst
+++ b/NOFORK_NOEXEC.lst
@@ -341,7 +341,7 @@ swapoff - rare
 swapon - rare
 switch_root - spawner, rare, changes state (oh yes), execing may be important to free binary's inode
 sync - NOFORK
-sysctl - noexec candidate, leaks: xstrdup+xmalloc_read
+sysctl - noexec. leaks: xstrdup+xmalloc_read
 syslogd - daemon
 tac - noexec. runner
 tail - runner
diff --git a/procps/sysctl.c b/procps/sysctl.c
index a42a91247..827e09cce 100644
--- a/procps/sysctl.c
+++ b/procps/sysctl.c
@@ -16,7 +16,7 @@
 //config:       help
 //config:       Configure kernel parameters at runtime.
-//applet:IF_BB_SYSCTL(APPLET(sysctl, BB_DIR_SBIN, BB_SUID_DROP))
+//applet:IF_BB_SYSCTL(APPLET_NOEXEC(sysctl, sysctl, BB_DIR_SBIN, BB_SUID_DROP, sysctl))
 //kbuild:lib-$(CONFIG_BB_SYSCTL) += sysctl.o
author	Denys Vlasenko <vda.linux@googlemail.com>	2017-08-05 18:23:10 +0200
committer	Denys Vlasenko <vda.linux@googlemail.com>	2017-08-05 18:23:10 +0200
commit	caf26b36f3c11f6b5c8f8ab2bf829d14e4e6980e (patch)
tree	653e7f25f818526f5b115139a924766efa41614f
parent	50db1f29bf96c2ae4dbb96763793a9592d99cf02 (diff)
download	busybox-w32-caf26b36f3c11f6b5c8f8ab2bf829d14e4e6980e.tar.gz busybox-w32-caf26b36f3c11f6b5c8f8ab2bf829d14e4e6980e.tar.bz2 busybox-w32-caf26b36f3c11f6b5c8f8ab2bf829d14e4e6980e.zip

diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst index 1bb571b9c..78d06f3f5 100644 --- a/NOFORK_NOEXEC.lst +++ b/NOFORK_NOEXEC.lst
@@ -341,7 +341,7 @@ swapoff - rare
341	swapon - rare	341	swapon - rare
342	switch_root - spawner, rare, changes state (oh yes), execing may be important to free binary's inode	342	switch_root - spawner, rare, changes state (oh yes), execing may be important to free binary's inode
343	sync - NOFORK	343	sync - NOFORK
344	sysctl - noexec candidate, leaks: xstrdup+xmalloc_read	344	sysctl - noexec. leaks: xstrdup+xmalloc_read
345	syslogd - daemon	345	syslogd - daemon
346	tac - noexec. runner	346	tac - noexec. runner
347	tail - runner	347	tail - runner


diff --git a/procps/sysctl.c b/procps/sysctl.c index a42a91247..827e09cce 100644 --- a/procps/sysctl.c +++ b/procps/sysctl.c
@@ -16,7 +16,7 @@
16	//config: help	16	//config: help
17	//config: Configure kernel parameters at runtime.	17	//config: Configure kernel parameters at runtime.
18		18
19	//applet:IF_BB_SYSCTL(APPLET(sysctl, BB_DIR_SBIN, BB_SUID_DROP))	19	//applet:IF_BB_SYSCTL(APPLET_NOEXEC(sysctl, sysctl, BB_DIR_SBIN, BB_SUID_DROP, sysctl))
20		20
21	//kbuild:lib-$(CONFIG_BB_SYSCTL) += sysctl.o	21	//kbuild:lib-$(CONFIG_BB_SYSCTL) += sysctl.o
22		22