1 Why an applet can't be NOFORK or NOEXEC?
4 interactive: may wait for user input, ^C has to work
5 spawner: "tool PROG ARGS" which changes program's environment - must fork
6 changes state: e.g. environment, signal handlers
7 alloc+xfunc: xmalloc, then xfunc - leaks memory if xfunc dies
8 open+xfunc: opens fd, then calls xfunc - fd is leaked if xfunc dies
9 runner: sometimes may run for long(ish) time, and/or works with network:
10 ^C has to work (cat BIGFILE, chmod -R, ftpget, nc)
12 "runners" can become eligible after shell is taught ^C to interrupt NOFORKs!
15 suid: runs under different uid - must fork+exec
17 Why shouldn't be NOFORK/NOEXEC:
18 complex: no immediately obvious reason why NOFORK wouldn't work,
19 but does some non-obvoius operations (example: fuser, lsof, losetup);
20 nested xmallocs (typical in complex code) is a problem for NOFORK
21 rare: not used often enough to bother optimizing (example: poweroff)
22 longterm: often runs for a long time (many seconds), execing would make
23 memory footprint smaller
24 daemon: runs indefinitely
51 cal - runner: cal -n9999
55 chgrp - noexec. runner
56 chmod - noexec. runner
57 chown - noexec. runner
58 chpasswd - runner (list of "user:password"s from stdin)
63 cksum - noexec. runner
75 date - noexec. nofork candidate(needs to stop messing up env, free xasprintf result, not use xfuncs after xasprintf)
76 dc - runner (eats stdin if no params)
82 devmem - runner, complex (access to device memory may hang)
83 df - complex (nested allocs)
89 dnsdomainname - DNS resolution may trigger, need ^C
90 dos2unix - noexec. runner
99 env - noexec. changes state (env)
103 expr - complex (nested allocs)
104 factor - runner (eats stdin if no params)
107 fatattr - complex (xopen+xioctl can leak fd)
109 fbsplash - runner, interactive
115 find - noexec. runner
122 fold - noexec. runner
123 free - nofork candidate(struct globals, needs to close /proc/meminfo fd)
134 getopt - noexec. complex (many allocs)
142 hdparm - complex, rare
143 head - noexec. runner
144 hexdump - noexec. runner
146 hostname - DNS resolution may trigger, need ^C
165 ip - noexec candidate
166 ipaddr - noexec candidate
167 ipcalc - noexec candidate
168 ipcrm - noexec candidate
169 ipcs - noexec candidate
170 iplink - noexec candidate
171 ipneigh - noexec candidate
172 iproute - noexec candidate
173 iprule - noexec candidate
174 iptunnel - noexec candidate
180 last - runner (I've got 1300 lines of output when tried it)
190 login - suid, interactive
209 man - spawner, interactive
210 md5sum - noexec. runner
213 microcom - interactive, complex
232 mv - runner (can be noexec?)
236 netstat - runner with -c
247 paste - noexec. runner
249 pgrep - nofork candidate(xregcomp, procps_scan - are they ok?)
250 pidof - nofork candidate(uses find_pid_by_name, is that ok?)
255 pkill - nofork candidate(xregcomp, procps_scan - are they ok?)
259 powertop - interactive, longterm
262 ps - noexec candidate
276 renice - nofork candidate(uses getpwnam, is that ok?)
277 reset - spawner (execs "stty")
278 resize - noexec. changes state (signal handlers)
280 rm - noexec. rm -i interactive
286 rtcwake - complex, rare
307 sha1sum - noexec. runner
308 sha256sum - noexec. runner
309 sha3sum - noexec. runner
310 sha512sum - noexec. runner
311 showkey - interactive
313 shuf - noexec. runner
318 sort - noexec. runner
322 stat - nofork candidate(needs fewer allocs)
333 switch_root - spawner, rare, changes state
348 time - spawner, changes state (signals)
349 timeout - spawner, changes state (signals)
350 top - interactive, longterm
353 traceroute - suid, runner
354 traceroute6 - suid, runner
377 unix2dos - noexec. runner
383 uptime - nofork candidate(is getutxent ok?)
384 users - nofork candidate(is getutxent ok?)
402 xargs - noexec. spawner