chpst - noexec. spawner
chroot - noexec. spawner
chrt - noexec. spawner
-chvt - leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds. Also, "rare" category. noexec candidate.
+chvt - noexec. leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds
cksum - noexec. runner
clear - NOFORK
cmp - runner
date - noexec. nofork candidate(needs to stop messing up env, free xasprintf result, not use xfuncs after xasprintf)
dc - runner (eats stdin if no params)
dd - noexec. runner
-deallocvt - leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds. Also, "rare" category. noexec candidate.
+deallocvt - noexec. leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds
delgroup
deluser
depmod - complex, rare
dos2unix - noexec. runner
dpkg - runner
du - runner
-dumpkmap - leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds. Also, "rare" category. noexec candidate.
+dumpkmap - noexec. leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds
dumpleases - leaks: open+xread
echo - NOFORK
ed - interactive, longterm
fdflush - leaks: open+ioctl_or_perror_and_die, needs ^C (floppy may be unresponsive), rare
fdformat - needs ^C (floppy may be unresponsive), longterm, rare
fdisk - interactive, longterm
-fgconsole - leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds. Also, "rare" category. noexec candidate.
+fgconsole - noexec. leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds
fgrep - longterm runner ("CMD | fgrep ..." may run indefinitely, better to exec to conserve memory)
find - noexec. runner
findfs - suid
linuxrc - daemon
ln - noexec
loadfont - leaks: config_open+bb_error_msg_and_die("map format")
-loadkmap - leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds. Also, "rare" category. noexec candidate.
+loadkmap - noexec. leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds
logger - runner
login - suid, interactive, longterm
logname - NOFORK
//config: This program is used to change to another terminal.
//config: Example: chvt 4 (change to terminal /dev/tty4)
-//applet:IF_CHVT(APPLET(chvt, BB_DIR_USR_BIN, BB_SUID_DROP))
+//applet:IF_CHVT(APPLET_NOEXEC(chvt, chvt, BB_DIR_USR_BIN, BB_SUID_DROP, chvt))
//kbuild:lib-$(CONFIG_CHVT) += chvt.o
//config: help
//config: This program deallocates unused virtual consoles.
-//applet:IF_DEALLOCVT(APPLET(deallocvt, BB_DIR_USR_BIN, BB_SUID_DROP))
+//applet:IF_DEALLOCVT(APPLET_NOEXEC(deallocvt, deallocvt, BB_DIR_USR_BIN, BB_SUID_DROP, deallocvt))
//kbuild:lib-$(CONFIG_DEALLOCVT) += deallocvt.o
//config: This program dumps the kernel's keyboard translation table to
//config: stdout, in binary format. You can then use loadkmap to load it.
-//applet:IF_DUMPKMAP(APPLET(dumpkmap, BB_DIR_BIN, BB_SUID_DROP))
+//applet:IF_DUMPKMAP(APPLET_NOEXEC(dumpkmap, dumpkmap, BB_DIR_BIN, BB_SUID_DROP, dumpkmap))
//kbuild:lib-$(CONFIG_DUMPKMAP) += dumpkmap.o
//config: help
//config: This program prints active (foreground) console number.
-//applet:IF_FGCONSOLE(APPLET(fgconsole, BB_DIR_USR_BIN, BB_SUID_DROP))
+//applet:IF_FGCONSOLE(APPLET_NOEXEC(fgconsole, fgconsole, BB_DIR_USR_BIN, BB_SUID_DROP, fgconsole))
//kbuild:lib-$(CONFIG_FGCONSOLE) += fgconsole.o
//config: This program loads a keyboard translation table from
//config: standard input.
-//applet:IF_LOADKMAP(APPLET(loadkmap, BB_DIR_SBIN, BB_SUID_DROP))
+//applet:IF_LOADKMAP(APPLET_NOEXEC(loadkmap, loadkmap, BB_DIR_SBIN, BB_SUID_DROP, loadkmap))
//kbuild:lib-$(CONFIG_LOADKMAP) += loadkmap.o
projects / oweals / busybox.git / commitdiff