add/remove-shell,add/deluser,add/delgroup: make them NOEXEC

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst
index 9c8df23ab6b3892d423c15da8b59a3669dd92aaa..ac04f75da9c5c04b4a554f020bbf0bbc8e0f6757 100644 (file)
--- a/NOFORK_NOEXEC.lst
+++ b/NOFORK_NOEXEC.lst
@@ -36,9 +36,9 @@ IOW: rm is "interactive", but not "longterm".
 [ - NOFORK
 [[ - NOFORK
 acpid - daemon
-add-shell
-addgroup
-adduser
+add-shell - noexec. leaks: open+xfunc
+addgroup - noexec. leaks
+adduser - noexec. leaks
 adjtimex - NOFORK
 ar - runner
 arch - NOFORK
@@ -86,8 +86,8 @@ date - noexec. nofork candidate(needs to stop messing up env, free xasprintf res
 dc - runner (eats stdin if no params)
 dd - noexec. runner
 deallocvt - noexec. leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds
-delgroup
-deluser
+delgroup - noexec. leaks
+deluser - noexec. leaks
 depmod - complex, rare
 devmem - runner, complex (access to device memory may hang)
 df - leaks: nested allocs
@@ -282,7 +282,7 @@ readprofile - reads /boot/System.map and /proc/profile, better to free more memo
 realpath - NOFORK
 reboot - rare
 reformime - runner
-remove-shell
+remove-shell - noexec. leaks: open+xfunc
 renice - nofork candidate(uses getpwnam, is that ok?)
 reset - noexec. spawner (execs "stty")
 resize - noexec. changes state (signal handlers)

diff --git a/loginutils/add-remove-shell.c b/loginutils/add-remove-shell.c
index 750b44bd6b0e5b5cb272df874a3528b8b1327a75..6d03de254fc3f6a370205d0f8fe19d658406b03c 100644 (file)
--- a/loginutils/add-remove-shell.c
+++ b/loginutils/add-remove-shell.c
@@ -19,9 +19,9 @@
 //config:      help
 //config:      Remove shells from /etc/shells.
 
-//                       APPLET_ODDNAME:name          main              location         suid_type     help
-//applet:IF_ADD_SHELL(   APPLET_ODDNAME(add-shell   , add_remove_shell, BB_DIR_USR_SBIN, BB_SUID_DROP, add_shell   ))
-//applet:IF_REMOVE_SHELL(APPLET_ODDNAME(remove-shell, add_remove_shell, BB_DIR_USR_SBIN, BB_SUID_DROP, remove_shell))
+//                       APPLET_NOEXEC:name          main              location         suid_type     help
+//applet:IF_ADD_SHELL(   APPLET_NOEXEC(add-shell   , add_remove_shell, BB_DIR_USR_SBIN, BB_SUID_DROP, add_shell   ))
+//applet:IF_REMOVE_SHELL(APPLET_NOEXEC(remove-shell, add_remove_shell, BB_DIR_USR_SBIN, BB_SUID_DROP, remove_shell))
 
 //kbuild:lib-$(CONFIG_ADD_SHELL)    += add-remove-shell.o
 //kbuild:lib-$(CONFIG_REMOVE_SHELL) += add-remove-shell.o
@@ -64,6 +64,7 @@ int add_remove_shell_main(int argc UNUSED_PARAM, char **argv)
        if (orig_fp)
                xfstat(fileno(orig_fp), &sb, orig_fn);
 
+
        new_fn = xasprintf("%s.tmp", orig_fn);
        /*
         * O_TRUNC or O_EXCL? At the first glance, O_EXCL looks better,

diff --git a/loginutils/addgroup.c b/loginutils/addgroup.c
index b197fc1495746bb64171df6557d2d46c97354588..30f7e72dc7c5208cfd9ce5a6d28c52d4b25ee421 100644 (file)
--- a/loginutils/addgroup.c
+++ b/loginutils/addgroup.c
@@ -29,7 +29,7 @@
 //config:      addgroup will add an existing user to an
 //config:      existing group.
 
-//applet:IF_ADDGROUP(APPLET(addgroup, BB_DIR_USR_SBIN, BB_SUID_DROP))
+//applet:IF_ADDGROUP(APPLET_NOEXEC(addgroup, addgroup, BB_DIR_USR_SBIN, BB_SUID_DROP, addgroup))
 
 //kbuild:lib-$(CONFIG_ADDGROUP) += addgroup.o
 

diff --git a/loginutils/adduser.c b/loginutils/adduser.c
index ef18278aced4c7aa09af0e712c29cb09a82a7e44..913dbaf8345709f2b786de6f1409f2c3cd9e7048 100644 (file)
--- a/loginutils/adduser.c
+++ b/loginutils/adduser.c
@@ -53,7 +53,7 @@
 //config:      help
 //config:      Last valid system uid or gid for adduser and addgroup
 
-//applet:IF_ADDUSER(APPLET(adduser, BB_DIR_USR_SBIN, BB_SUID_DROP))
+//applet:IF_ADDUSER(APPLET_NOEXEC(adduser, adduser, BB_DIR_USR_SBIN, BB_SUID_DROP, adduser))
 
 //kbuild:lib-$(CONFIG_ADDUSER) += adduser.o
 

diff --git a/loginutils/deluser.c b/loginutils/deluser.c
index 3b6bd952d04e2eebc3f47551dcf37913bae41f17..f5bc3c28abb74dcc0f8b511e778e01c088e2b688 100644 (file)
--- a/loginutils/deluser.c
+++ b/loginutils/deluser.c
@@ -28,8 +28,9 @@
 //config:      If called with two non-option arguments, deluser
 //config:      or delgroup will remove an user from a specified group.
 
-//applet:IF_DELUSER(APPLET(deluser, BB_DIR_USR_SBIN, BB_SUID_DROP))
-//applet:IF_DELGROUP(APPLET_ODDNAME(delgroup, deluser, BB_DIR_USR_SBIN, BB_SUID_DROP, delgroup))
+//                   APPLET_NOEXEC:name      main     location         suid_type     help
+//applet:IF_DELUSER( APPLET_NOEXEC(deluser,  deluser, BB_DIR_USR_SBIN, BB_SUID_DROP, deluser))
+//applet:IF_DELGROUP(APPLET_NOEXEC(delgroup, deluser, BB_DIR_USR_SBIN, BB_SUID_DROP, delgroup))
 
 //kbuild:lib-$(CONFIG_DELUSER) += deluser.o
 //kbuild:lib-$(CONFIG_DELGROUP) += deluser.o