raidautorun: make it NOEXEC

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst
index 3a30af0e2e2ab6c6fd439cef572edd90cb6c7bfc..99af2435725083f83c2b634ccfad84f702a4ce09 100644 (file)
--- a/NOFORK_NOEXEC.lst
+++ b/NOFORK_NOEXEC.lst
@@ -274,7 +274,7 @@ pscan - longterm
 pstree - noexec
 pwd - NOFORK
 pwdx - NOFORK
-raidautorun
+raidautorun - noexec. very simple. leaks: open+xioctl
 rdate - needs ^C (may talk to DNS servers, which may be down)
 rdev - leaks: find_block_device -> readdir+xstrdup
 readlink - NOFORK
@@ -294,7 +294,7 @@ route - needs ^C (may talk to DNS servers, which may be down)
 rpm - runner
 rpm2cpio - runner
 rtcwake - longterm: puts system to sleep, optimizing this for speed is pointless
-run-parts
+run-parts - longterm
 runlevel - noexec. can be nofork if "endutxent()" is called unconditionally, but too rare to bother?
 runsv - daemon
 runsvdir - daemon

diff --git a/miscutils/raidautorun.c b/miscutils/raidautorun.c
index ecedf9ce287f7b0fb0862ebe812b2ef306457219..caf6e0821c3f66468a48d097c191ea54a5250efe 100644 (file)
--- a/miscutils/raidautorun.c
+++ b/miscutils/raidautorun.c
@@ -15,7 +15,7 @@
 //config:      raidautorun tells the kernel md driver to
 //config:      search and start RAID arrays.
 
-//applet:IF_RAIDAUTORUN(APPLET(raidautorun, BB_DIR_SBIN, BB_SUID_DROP))
+//applet:IF_RAIDAUTORUN(APPLET_NOEXEC(raidautorun, raidautorun, BB_DIR_SBIN, BB_SUID_DROP, raidautorun))
 
 //kbuild:lib-$(CONFIG_RAIDAUTORUN) += raidautorun.o