projects / oweals / busybox.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
tweak NOFORK_NOEXEC.lst
[oweals/busybox.git] / NOFORK_NOEXEC.lst
1 Why an applet can't be NOFORK or NOEXEC?
2
3 Why can't be NOFORK:
4 interactive: may wait for user input, ^C has to work
5 spawner: "tool PROG ARGS" which changes program state and execs - must fork
6 changes state: e.g. environment, signal handlers
7 alloc+xfunc: xmalloc, then xfunc - leaks memory if xfunc dies
8 open+xfunc: opens fd, then calls xfunc - fd is leaked if xfunc dies
9 leaks: does not free allocated memory or opened fds
10 runner: sometimes may run for long(ish) time, and/or works with network:
11         ^C has to work (cat BIGFILE, chmod -R, ftpget, nc)
12
13 "runners" can become eligible after shell is taught ^C to interrupt NOFORKs,
14 need to be inspected that they do not fall into alloc+xfunc, open+xfunc
15 categories.
16
17 Why can't be NOEXEC:
18 suid: runs under different uid - must fork+exec
19
20 Why shouldn't be NOFORK/NOEXEC:
21 rare: not started often enough to bother optimizing (example: poweroff)
22 daemon: runs indefinitely; these are also always fit "rare" category
23 longterm: often runs for a long time (many seconds), execing would make
24         memory footprint smaller
25 complex: no immediately obvious reason why NOFORK wouldn't work,
26         but does some non-obvoius operations (example: fuser, lsof, losetup)
27
28 [ - NOFORK
29 [[ - NOFORK
30 acpid - daemon
31 add-shell
32 addgroup
33 adduser
34 adjtimex
35 ar - runner
36 arch - NOFORK
37 arp
38 arping - runner
39 ash - interactive
40 awk - noexec. runner
41 base64 - runner
42 basename - NOFORK
43 beep
44 blkdiscard
45 blkid
46 blockdev
47 bootchartd - daemon
48 brctl
49 bunzip2 - runner
50 busybox
51 bzcat - runner
52 bzip2 - runner
53 cal - runner: cal -n9999
54 cat - runner
55 chat
56 chattr - runner
57 chgrp - noexec. runner
58 chmod - noexec. runner
59 chown - noexec. runner
60 chpasswd - runner (list of "user:password"s from stdin)
61 chpst - spawner
62 chroot - spawner
63 chrt - spawner
64 chvt - leaks: get_console_fd_or_die() may open a new fd, or return one of stdio fds. Also, "rare" category. Can be noexec.
65 cksum - noexec. runner
66 clear - NOFORK
67 cmp - runner
68 comm - runner
69 conspy - interactive
70 cp - noexec. runner
71 cpio - runner
72 crond - daemon
73 crontab
74 cryptpw - changes state: with --password-fd=N, moves N to stdin. Also, "rare" category. Can be noexec.
75 cttyhack - spawner
76 cut - noexec. runner
77 date - noexec. nofork candidate(needs to stop messing up env, free xasprintf result, not use xfuncs after xasprintf)
78 dc - runner (eats stdin if no params)
79 dd - noexec. runner
80 deallocvt
81 delgroup
82 deluser
83 depmod
84 devmem - runner, complex (access to device memory may hang)
85 df - complex (nested allocs)
86 dhcprelay - daemon
87 diff - runner
88 dirname - NOFORK
89 dmesg - runner
90 dnsd - daemon
91 dnsdomainname - DNS resolution may trigger, need ^C
92 dos2unix - noexec. runner
93 dpkg - runner
94 du - runner
95 dumpkmap
96 dumpleases
97 echo - NOFORK
98 ed - interactive
99 egrep - runner
100 eject
101 env - noexec. changes state (env)
102 envdir - spawner
103 envuidgid - spawner
104 expand - runner
105 expr - complex (nested allocs)
106 factor - runner (eats stdin if no params)
107 fakeidentd - daemon
108 false - NOFORK
109 fatattr - complex (xopen+xioctl can leak fd)
110 fbset
111 fbsplash - runner, interactive
112 fdflush
113 fdformat - runner
114 fdisk - interactive
115 fgconsole
116 fgrep - runner
117 find - noexec. runner
118 findfs - suid
119 flash_eraseall
120 flash_lock
121 flash_unlock
122 flashcp
123 flock
124 fold - noexec. runner
125 free - nofork candidate(struct globals, needs to close /proc/meminfo fd)
126 freeramdisk
127 fsck - interactive
128 fsck.minix
129 fsfreeze
130 fstrim
131 fsync - NOFORK
132 ftpd - daemon
133 ftpget - runner
134 ftpput - runner
135 fuser - complex
136 getopt - noexec. complex (many allocs)
137 getty - interactive
138 grep - runner
139 groups - noexec
140 gunzip - runner
141 gzip - runner
142 halt - rare
143 hd - noexec. runner
144 hdparm - complex, rare
145 head - noexec. runner
146 hexdump - noexec. runner
147 hostid - NOFORK
148 hostname - DNS resolution may trigger, need ^C
149 httpd - daemon
150 hush - interactive
151 hwclock
152 i2cdetect
153 i2cdump
154 i2cget
155 i2cset
156 id - noexec
157 ifconfig
158 ifenslave
159 ifplugd - daemon
160 inetd - daemon
161 init - daemon
162 inotifyd - daemon
163 insmod - noexec
164 install - runner
165 ionice - spawner
166 iostat - runner
167 ip - noexec candidate
168 ipaddr - noexec candidate
169 ipcalc - noexec candidate
170 ipcrm - noexec candidate
171 ipcs - noexec candidate
172 iplink - noexec candidate
173 ipneigh - noexec candidate
174 iproute - noexec candidate
175 iprule - noexec candidate
176 iptunnel - noexec candidate
177 kbd_mode
178 kill - NOFORK
179 killall - NOFORK
180 killall5 - NOFORK
181 klogd - daemon
182 last - runner (I've got 1300 lines of output when tried it)
183 less - interactive
184 link - NOFORK
185 linux32 - spawner
186 linux64 - spawner
187 linuxrc - daemon
188 ln - noexec
189 loadfont
190 loadkmap
191 logger - runner
192 login - suid, interactive
193 logname - NOFORK
194 losetup - complex
195 lpd - daemon
196 lpq - runner
197 lpr - runner
198 ls - noexec. runner
199 lsattr
200 lsmod - noexec
201 lsof - complex
202 lspci
203 lsscsi
204 lsusb
205 lzcat - runner
206 lzma - runner
207 lzop - runner
208 lzopcat - runner
209 makedevs
210 makemime - runner
211 man - spawner, interactive
212 md5sum - noexec. runner
213 mdev - daemon
214 mesg
215 microcom - interactive, complex
216 mkdir - NOFORK
217 mkdosfs
218 mke2fs
219 mkfifo - noexec
220 mkfs.ext2
221 mkfs.minix
222 mkfs.vfat
223 mknod - noexec
224 mkpasswd
225 mkswap
226 mktemp
227 modinfo - noexec
228 modprobe - noexec
229 more - interactive
230 mount - suid
231 mountpoint
232 mpstat
233 mt
234 mv - runner (can be noexec?)
235 nameif
236 nbd-client
237 nc - runner
238 netstat - runner with -c
239 nice - spawner
240 nl - runner
241 nmeter - runner
242 nohup - spawner
243 nproc - NOFORK
244 ntpd - daemon
245 od - runner
246 openvt - spawner
247 partprobe
248 passwd - suid
249 paste - noexec. runner
250 patch
251 pgrep - nofork candidate(xregcomp, procps_scan - are they ok?)
252 pidof - nofork candidate(uses find_pid_by_name, is that ok?)
253 ping - suid, runner
254 ping6 - suid, runner
255 pipe_progress
256 pivot_root
257 pkill - nofork candidate(xregcomp, procps_scan - are they ok?)
258 pmap
259 popmaildir - runner
260 poweroff - rare
261 powertop - interactive, longterm
262 printenv - NOFORK
263 printf - NOFORK
264 ps - noexec candidate
265 pscan - longterm
266 pstree
267 pwd - NOFORK
268 pwdx - NOFORK
269 raidautorun
270 rdate
271 rdev
272 readlink - NOFORK
273 readprofile
274 realpath - NOFORK
275 reboot - rare
276 reformime - runner
277 remove-shell
278 renice - nofork candidate(uses getpwnam, is that ok?)
279 reset - spawner (execs "stty")
280 resize - noexec. changes state (signal handlers)
281 rev - runner
282 rm - noexec. rm -i interactive
283 rmdir - NOFORK
284 rmmod - noexec
285 route
286 rpm - runner
287 rpm2cpio - runner
288 rtcwake - complex, rare
289 run-parts
290 runlevel
291 runsv - daemon
292 runsvdir - daemon
293 rx - runner
294 script
295 scriptreplay
296 sed - runner
297 sendmail - runner
298 seq - noexec. runner
299 setarch - spawner
300 setconsole
301 setfont
302 setkeycodes
303 setlogcons
304 setpriv - spawner
305 setserial
306 setsid - spawner
307 setuidgid
308 sh - interactive
309 sha1sum - noexec. runner
310 sha256sum - noexec. runner
311 sha3sum - noexec. runner
312 sha512sum - noexec. runner
313 showkey - interactive
314 shred - runner
315 shuf - noexec. runner
316 slattach
317 sleep - runner
318 smemcap - runner
319 softlimit - spawner
320 sort - noexec. runner
321 split - runner
322 ssl_client - network
323 start-stop-daemon
324 stat - nofork candidate(needs fewer allocs)
325 strings - runner
326 stty
327 su - suid, spawner
328 sulogin - spawner
329 sum - runner
330 sv
331 svc
332 svlogd - daemon
333 swapoff - rare
334 swapon - rare
335 switch_root - spawner, rare, changes state
336 sync - NOFORK
337 sysctl
338 syslogd - daemon
339 tac - noexec. runner
340 tail - runner
341 tar - runner
342 taskset - spawner
343 tcpsvd - daemon
344 tee - runner
345 telnet - interactive
346 telnetd - daemon
347 test - NOFORK
348 tftp - runner
349 tftpd - daemon
350 time - spawner, changes state (signals)
351 timeout - spawner, changes state (signals)
352 top - interactive, longterm
353 touch - NOFORK
354 tr - runner
355 traceroute - suid, runner
356 traceroute6 - suid, runner
357 true - NOFORK
358 truncate - NOFORK
359 tty - NOFORK
360 ttysize - NOFORK
361 tunctl
362 tune2fs
363 ubiattach
364 ubidetach
365 ubimkvol
366 ubirename
367 ubirmvol
368 ubirsvol
369 ubiupdatevol
370 udhcpc - daemon
371 udhcpd - daemon
372 udpsvd - daemon
373 uevent - daemon
374 umount
375 uname - NOFORK
376 uncompress - runner
377 unexpand - runner
378 uniq - runner
379 unix2dos - noexec. runner
380 unlink - NOFORK
381 unlzma - runner
382 unlzop - runner
383 unxz - runner
384 unzip - runner
385 uptime - nofork candidate(is getutxent ok?)
386 users - nofork candidate(is getutxent ok?)
387 usleep - NOFORK
388 uudecode - runner
389 uuencode - runner
390 vconfig
391 vi - interactive
392 vlock - suid
393 volname - runner
394 w
395 wall - suid
396 watch - runner
397 watchdog - daemon
398 wc - runner
399 wget - runner
400 which - NOFORK
401 who
402 whoami - NOFORK
403 whois
404 xargs - noexec. spawner
405 xxd - noexec. runner
406 xz - runner
407 xzcat - runner
408 yes - noexec. runner
409 zcat - runner
410 zcip - daemon
Unnamed repository; edit this file 'description' to name the repository.