Denys Vlasenko
caf26b36f3
sysctl: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 18:23:10 +02:00
Denys Vlasenko
feb79e8742
cryptpw, mkpasswd: make them NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 02:08:23 +02:00
Denys Vlasenko
ff53bee723
chvt, deallocvt, dumpkmap, fgconsole, loadkmap: make them NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 02:02:31 +02:00
Denys Vlasenko
fdb92359e4
pivot_root: make it NOFORK
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 01:51:12 +02:00
Denys Vlasenko
9c49d6e11b
partprobe: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 01:46:39 +02:00
Denys Vlasenko
a453ca576f
sv, svc: make them NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 01:42:08 +02:00
Denys Vlasenko
9f59849daa
blockdev, fsfreeze, fstrim, mountpoint: make NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 01:29:12 +02:00
Denys Vlasenko
692eeb81a4
stty: make in NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 20:07:19 +02:00
Denys Vlasenko
5c527dc57e
make 17 state-changing execing applets (ex: "nice PROG ARGS") noexec
...
The applets with "<applet> [opts] PROG ARGS" API very quickly exec
another program, noexec is okay for them:
chpst/envdir/envuidgid/softlimit/setuidgid
chroot
chrt
ionice
nice
nohup
setarch/linux32/linux64
taskset
cttyhack
"reset" and "sulogin" applets don't have this form, but also exec
another program at once, thus made noexec too.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 19:55:01 +02:00
Denys Vlasenko
6514785f95
mesg: make in NOFORK
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 19:16:01 +02:00
Denys Vlasenko
947b2391c0
pmap: tweak help text, show usage if no params are given
...
Noticed while auditing nofork/noexec status
function old new delta
pmap_main 70 80 +10
packed_usage 31747 31744 -3
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 18:37:34 +02:00
Denys Vlasenko
83d7785e41
runlevel: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 17:59:46 +02:00
Denys Vlasenko
6bec24c4f5
mktemp: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 17:39:05 +02:00
Denys Vlasenko
74c05f5b2c
chat: trim help text
...
Noticed while auditing nofork/noexec status
function old new delta
packed_usage 31777 31747 -30
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 17:36:16 +02:00
Denys Vlasenko
7f9d62d7f5
tweak NOFORK_NOEXEC.lst
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 16:01:39 +02:00
Denys Vlasenko
49e6bf2db9
sheel: improve comments on signal handling
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 14:28:16 +02:00
Denys Vlasenko
3346b4afc5
modutils: make them NOEXEC except depmod
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-04 02:56:39 +02:00
Denys Vlasenko
72d725d7cc
getopt: make it NOEXEC
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-03 19:30:21 +02:00
Denys Vlasenko
39194f0309
new NOFORKs: pwdx,kill[all5],ttysize,realpath,readlink NOEXECs: date,resize
...
function old new delta
run_nofork_applet 258 280 +22
readlink_main 112 123 +11
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 33/0) Total: 33 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-03 19:03:32 +02:00
Denys Vlasenko
819b47aa35
new NOFORKs: clear, nproc, tty, uname, arch, unlink, which
...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-03 03:29:32 +02:00