vconfig: make it NOEXEC

author Denys Vlasenko <vda.linux@googlemail.com>

Wed, 9 Aug 2017 16:52:19 +0000 (18:52 +0200)

committer Denys Vlasenko <vda.linux@googlemail.com>

Wed, 9 Aug 2017 16:52:19 +0000 (18:52 +0200)
author Denys Vlasenko <vda.linux@googlemail.com>
Wed, 9 Aug 2017 16:52:19 +0000 (18:52 +0200)
committer Denys Vlasenko <vda.linux@googlemail.com>
Wed, 9 Aug 2017 16:52:19 +0000 (18:52 +0200)
diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst

index bfb76a12e7a44462ee00c04929ec5b888ef5f592..063d7cd48359407cd8fd685dfee3a9ee6ea0ae84 100644 (file)
--- a/NOFORK_NOEXEC.lst
+++ b/NOFORK_NOEXEC.lst
@@ -400,7 +400,7 @@ users - noexec. nofork candidate(is getutxent ok?)
  usleep - NOFORK
  uudecode - runner
  uuencode - runner
-vconfig - leaks: xsocket+ioctl_or_perror_and_die
+vconfig - noexec. leaks: xsocket+ioctl_or_perror_and_die
  vi - interactive, longterm
  vlock - suid
  volname - hardware (reads CDROM, this can take long-ish if need to spin up)
diff --git a/networking/vconfig.c b/networking/vconfig.c

index e6e2872bfef40c524003210c7fa39ecc70ae3129..62a483865ee5fca951acbc28ab80e4b4172f40e2 100644 (file)
--- a/networking/vconfig.c
+++ b/networking/vconfig.c
@@ -16,7 +16,7 @@
  //config:      help
  //config:      Creates, removes, and configures VLAN interfaces
  
-//applet:IF_VCONFIG(APPLET(vconfig, BB_DIR_SBIN, BB_SUID_DROP))
+//applet:IF_VCONFIG(APPLET_NOEXEC(vconfig, vconfig, BB_DIR_SBIN, BB_SUID_DROP, vconfig))
  
  //kbuild:lib-$(CONFIG_VCONFIG) += vconfig.o
author	Denys Vlasenko <vda.linux@googlemail.com>
	Wed, 9 Aug 2017 16:52:19 +0000 (18:52 +0200)
committer	Denys Vlasenko <vda.linux@googlemail.com>
	Wed, 9 Aug 2017 16:52:19 +0000 (18:52 +0200)
NOFORK_NOEXEC.lst		patch \| blob \| history
networking/vconfig.c		patch \| blob \| history