summaryrefslogtreecommitdiff
path: root/procps
diff options
context:
space:
mode:
authorDenys Vlasenko2017-08-07 18:18:09 +0200
committerDenys Vlasenko2017-08-07 18:18:09 +0200
commit248a67fb75a0d2c98f4f9935b7bb9e11382b2c78 (patch)
treeeea88807a0b5d936d158ef7a62dfb051df174e96 /procps
parent316d38e25883c68e51533029dbab059ae0731de8 (diff)
downloadbusybox-248a67fb75a0d2c98f4f9935b7bb9e11382b2c78.zip
busybox-248a67fb75a0d2c98f4f9935b7bb9e11382b2c78.tar.gz
free,stat: make NOEXEC
pkill/pgrep/pidof uncovered another quirk: what about noexec's _process names_? Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'procps')
-rw-r--r--procps/free.c7
-rw-r--r--procps/pgrep.c6
-rw-r--r--procps/pidof.c4
3 files changed, 14 insertions, 3 deletions
diff --git a/procps/free.c b/procps/free.c
index 618664e..b57e4a3 100644
--- a/procps/free.c
+++ b/procps/free.c
@@ -15,7 +15,7 @@
//config: memory in the system, as well as the buffers used by the kernel.
//config: The shared memory column should be ignored; it is obsolete.
-//applet:IF_FREE(APPLET(free, BB_DIR_USR_BIN, BB_SUID_DROP))
+//applet:IF_FREE(APPLET_NOEXEC(free, free, BB_DIR_USR_BIN, BB_SUID_DROP, free))
//kbuild:lib-$(CONFIG_FREE) += free.o
@@ -47,7 +47,10 @@ struct globals {
#endif
} FIX_ALIASING;
#define G (*(struct globals*)bb_common_bufsiz1)
-#define INIT_G() do { setup_common_bufsiz(); } while (0)
+#define INIT_G() do { \
+ setup_common_bufsiz(); \
+ /* NB: noexec applet - globals not zeroed */ \
+} while (0)
static unsigned long long scale(unsigned long d)
diff --git a/procps/pgrep.c b/procps/pgrep.c
index a3ca9e2..a16a6e9 100644
--- a/procps/pgrep.c
+++ b/procps/pgrep.c
@@ -18,9 +18,13 @@
//config: help
//config: Send signals to processes by name.
-//applet:IF_PGREP(APPLET(pgrep, BB_DIR_USR_BIN, BB_SUID_DROP))
+//applet:IF_PGREP(APPLET_ODDNAME(pgrep, pgrep, BB_DIR_USR_BIN, BB_SUID_DROP, pgrep))
// APPLET_ODDNAME:name main location suid_type help
//applet:IF_PKILL(APPLET_ODDNAME(pkill, pgrep, BB_DIR_USR_BIN, BB_SUID_DROP, pkill))
+/* can't be noexec: can find _itself_ under wrong name, since after fork only,
+ * /proc/PID/cmdline and comm are wrong! Can fix comm (prctl(PR_SET_NAME)),
+ * but cmdline?
+ */
//kbuild:lib-$(CONFIG_PGREP) += pgrep.o
//kbuild:lib-$(CONFIG_PKILL) += pgrep.o
diff --git a/procps/pidof.c b/procps/pidof.c
index 41247a0..98d7949 100644
--- a/procps/pidof.c
+++ b/procps/pidof.c
@@ -30,6 +30,10 @@
//config: of the pidof, in other words the calling shell or shell script.
//applet:IF_PIDOF(APPLET(pidof, BB_DIR_BIN, BB_SUID_DROP))
+/* can't be noexec: can find _itself_ under wrong name, since after fork only,
+ * /proc/PID/cmdline and comm are wrong! Can fix comm (prctl(PR_SET_NAME)),
+ * but cmdline?
+ */
//kbuild:lib-$(CONFIG_PIDOF) += pidof.o