emo/busybox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ash: fix NOEXEC mode - we were forgetting to pass environment!

Browse Source 
env: promote to NOEXEC
hd: promote to NOEXEC, as hexdump is NOEXEC already
This commit is contained in:
Denis Vlasenko 2008-10-20 08:15:51 +00:00
parent d1660cb9ad
commit b730474bda
5 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
coreutils/env.c
View File

@ -29,6 +29,8 @@
* - use xfunc_error_retval * - use xfunc_error_retval
*/ */
/* This is a NOEXEC applet. Be very careful! */
#include "libbb.h" #include "libbb.h"
#if ENABLE_FEATURE_ENV_LONG_OPTIONS #if ENABLE_FEATURE_ENV_LONG_OPTIONS
@ -119,5 +121,3 @@ int env_main(int argc UNUSED_PARAM, char **argv)
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
*/ */

4
include/applets.h
View File

@ -137,7 +137,7 @@ USE_ECHO(APPLET_NOFORK(echo, echo, _BB_DIR_BIN, _BB_SUID_NEVER, echo))
USE_ED(APPLET(ed, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_ED(APPLET(ed, _BB_DIR_BIN, _BB_SUID_NEVER))
USE_FEATURE_GREP_EGREP_ALIAS(APPLET_ODDNAME(egrep, grep, _BB_DIR_BIN, _BB_SUID_NEVER, egrep)) USE_FEATURE_GREP_EGREP_ALIAS(APPLET_ODDNAME(egrep, grep, _BB_DIR_BIN, _BB_SUID_NEVER, egrep))
USE_EJECT(APPLET(eject, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_EJECT(APPLET(eject, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
USE_ENV(APPLET(env, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_ENV(APPLET_NOEXEC(env, env, _BB_DIR_USR_BIN, _BB_SUID_NEVER, env))
USE_ENVDIR(APPLET_ODDNAME(envdir, chpst, _BB_DIR_USR_BIN, _BB_SUID_NEVER, envdir)) USE_ENVDIR(APPLET_ODDNAME(envdir, chpst, _BB_DIR_USR_BIN, _BB_SUID_NEVER, envdir))
USE_ENVUIDGID(APPLET_ODDNAME(envuidgid, chpst, _BB_DIR_USR_BIN, _BB_SUID_NEVER, envuidgid)) USE_ENVUIDGID(APPLET_ODDNAME(envuidgid, chpst, _BB_DIR_USR_BIN, _BB_SUID_NEVER, envuidgid))
USE_ETHER_WAKE(APPLET_ODDNAME(ether-wake, ether_wake, _BB_DIR_USR_BIN, _BB_SUID_NEVER, ether_wake)) USE_ETHER_WAKE(APPLET_ODDNAME(ether-wake, ether_wake, _BB_DIR_USR_BIN, _BB_SUID_NEVER, ether_wake))
@ -172,7 +172,7 @@ USE_GREP(APPLET(grep, _BB_DIR_BIN, _BB_SUID_NEVER))
USE_GUNZIP(APPLET(gunzip, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_GUNZIP(APPLET(gunzip, _BB_DIR_BIN, _BB_SUID_NEVER))
USE_GZIP(APPLET(gzip, _BB_DIR_BIN, _BB_SUID_NEVER)) USE_GZIP(APPLET(gzip, _BB_DIR_BIN, _BB_SUID_NEVER))
USE_HALT(APPLET(halt, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_HALT(APPLET(halt, _BB_DIR_SBIN, _BB_SUID_NEVER))
USE_HD(APPLET_ODDNAME(hd, hexdump, _BB_DIR_USR_BIN, _BB_SUID_NEVER, hd)) USE_HD(APPLET_NOEXEC(hd, hexdump, _BB_DIR_USR_BIN, _BB_SUID_NEVER, hd))
USE_HDPARM(APPLET(hdparm, _BB_DIR_SBIN, _BB_SUID_NEVER)) USE_HDPARM(APPLET(hdparm, _BB_DIR_SBIN, _BB_SUID_NEVER))
USE_HEAD(APPLET(head, _BB_DIR_USR_BIN, _BB_SUID_NEVER)) USE_HEAD(APPLET(head, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
USE_HEXDUMP(APPLET_NOEXEC(hexdump, hexdump, _BB_DIR_USR_BIN, _BB_SUID_NEVER, hexdump)) USE_HEXDUMP(APPLET_NOEXEC(hexdump, hexdump, _BB_DIR_USR_BIN, _BB_SUID_NEVER, hexdump))

5
shell/ash.c
View File

@ -7008,8 +7008,11 @@ tryexec(USE_FEATURE_SH_STANDALONE(int applet_no,) char *cmd, char **argv, char *
#if ENABLE_FEATURE_SH_STANDALONE #if ENABLE_FEATURE_SH_STANDALONE
if (applet_no >= 0) { if (applet_no >= 0) {
if (APPLET_IS_NOEXEC(applet_no)) if (APPLET_IS_NOEXEC(applet_no)) {
while (*envp)
putenv(*envp++);
run_applet_no_and_exit(applet_no, argv); run_applet_no_and_exit(applet_no, argv);
}
/* re-exec ourselves with the new arguments */ /* re-exec ourselves with the new arguments */
execve(bb_busybox_exec_path, argv, envp); execve(bb_busybox_exec_path, argv, envp);
/* If they called chroot or otherwise made the binary no longer /* If they called chroot or otherwise made the binary no longer

2
shell/ash_test/ash-standalone/noexec_gets_no_env.right Normal file
View File

@ -0,0 +1,2 @@
VAR7=VAL
0

3
shell/ash_test/ash-standalone/noexec_gets_no_env.tests Executable file
View File

@ -0,0 +1,3 @@
export VAR7=VAL
env | grep ^VAR7=
echo $?