From ae84418d269ea44a710b9effa6d64b6334208973 Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Mon, 7 Aug 2017 23:14:49 +0200 Subject: [PATCH] losetup: make NOEXEC Signed-off-by: Denys Vlasenko --- NOFORK_NOEXEC.lst | 8 ++++---- util-linux/losetup.c | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst index d7e60b442..a8823beff 100644 --- a/NOFORK_NOEXEC.lst +++ b/NOFORK_NOEXEC.lst @@ -165,8 +165,8 @@ i2cdump - hardware i2cget - hardware i2cset - hardware id - noexec -ifconfig - leaks: xsocket+ioctl_or_perror_and_die -ifenslave - leaks: xsocket+bb_perror_msg_and_die +ifconfig - hardware? (mem_start NN io_addr NN irq NN), leaks: xsocket+ioctl_or_perror_and_die +ifenslave - noexec. leaks: xsocket+bb_perror_msg_and_die ifplugd - daemon inetd - daemon init - daemon @@ -202,7 +202,7 @@ loadkmap - noexec. leaks: get_console_fd_or_die() may open a new fd, or return o logger - runner login - suid, interactive, longterm logname - NOFORK -losetup - complex +losetup - noexec. complex lpd - daemon lpq - runner lpr - runner @@ -400,7 +400,7 @@ uuencode - runner vconfig - leaks: xsocket+ioctl_or_perror_and_die vi - interactive, longterm vlock - suid -volname - runner +volname - hardware (reads CDROM, this can take long-ish if need to spin up) w - noexec. nofork candidate(is getutxent ok?) wall - suid watch - longterm diff --git a/util-linux/losetup.c b/util-linux/losetup.c index c608de6cc..2f7dc10f5 100644 --- a/util-linux/losetup.c +++ b/util-linux/losetup.c @@ -15,9 +15,9 @@ //config: file or block device, and to query the status of a loop device. This //config: version does not currently support enabling data encryption. -//kbuild:lib-$(CONFIG_LOSETUP) += losetup.o +//applet:IF_LOSETUP(APPLET_NOEXEC(losetup, losetup, BB_DIR_SBIN, BB_SUID_DROP, losetup)) -//applet:IF_LOSETUP(APPLET(losetup, BB_DIR_SBIN, BB_SUID_DROP)) +//kbuild:lib-$(CONFIG_LOSETUP) += losetup.o //usage:#define losetup_trivial_usage //usage: "[-r] [-o OFS] {-f|LOOPDEV} FILE - associate loop devices\n" -- 2.25.1