List: busybox
Subject: Re: NOFORK and NOEXEC without PREFER_APPLETS
From: Bruno Chevalier <bmgg.chevalier () gmail ! com>
Date: 2016-07-24 17:33:48
Message-ID: CAEhaEZP7aPtqUBCjqeOVyizMzjA+A_KG+qi7Apfeh5Zvdahszw () mail ! gmail ! com
Thanks Denys,
I will redo the tests that I did, because as far as I know, that was the
behaviour that I observed.
I could be wrong though, so I will redo them.
I will also do the tests with the latest git repo and let you know the
results.
On 22 July 2016 at 18:50, Denys Vlasenko <vda.linux@googlemail.com> wrote:
> On Wed, Jul 20, 2016 at 3:01 PM, Bruno Chevalier
> <bmgg.chevalier@gmail.com> wrote:
> > Hi,
> >
> > I am wondering why FEATURE_PREFER_APPLETS needs to be enabled for the
> > FEATURE_SH_STANDALONE (to do the NOEXEC trick) and FEATURE_SH_NOFORK (to do
> > the NOFORK trick).
> >
> > If the applet tables would always contain the NOFORK/NOEXEC bits, the
> > FEATURE_PREFER_APPLETS wouldn't be mandatory anymore.
> > You can look in the path and if the executable that gets found for a
> > specific command is busybox, then we can do the NOEXEC or NOFORK trick.
> > Otherwise, we just execute the program that was found using PATH in the
> > normal way.
> >
> > A use case for this is the following:
> > Let's say we have 2 buildroot configurations.
> > We also have one common busybox configuration that contains the hexdump
> > applet and that gets used for both buildroot configurations.
> >
> > 1 buildroot configuration contains a version of hexdump that overwrites the
> > busybox implementation, the other doesn't.
> >
> > We notice that hexdump is a NOEXEC app and we want to take advantage of
> > this.
> >
> > In the current implementation of busybox we have two scenarios:
> > 1. We enable FEATURE_PREFER_APPLETS and FEATURE_SH_STANDALONE. This way, the
> > hexdump that gets executed is always the busybox implementation and it makes
> > use of the NOEXEC trick.
> > We can make use of the NOEXEC trick, but the buildroot configuration that
> > included hexdump does not execute its own hexdump by default unless you
> > specify the complete path.
> >
> > 2. We don't enable FEATURE_PREFER_APPLETS. Now we execute the hexdump from
> > buildroot in the buildroot config that enabled it and we execute the hexdump
> > from busybox in the buildroot config that didn't include hexdump.
> > However, the busybox version does not make use of the NOEXEC trick because
> > that feature cannot be enabled without FEATURE_PREFER_APPLETS.
> >
> > Now we would like to be able to do scenario 2, but when the busybox version
> > gets executed, we still want the NOEXEC trick to be used.
>
> Enabling FEATURE_SH_STANDALONE does not give you case 2: hexdump
> from buildroot won't be executed, internal applet takes precedence. IOW:
> "Now we execute the hexdump from
> > buildroot in the buildroot config that enabled it and we execute the hexdump
> > from busybox in the buildroot config that didn't include hexdump."
> will not be true, AFAICS.
>
> I committed a fix which makes it possible to choose FEATURE_SH_STANDALONE
> and/or NOFORK without FEATURE_PREFER_APPLETS. Please try current git.
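A sketch of the PATH-lookup rule Bruno proposes, as an added example that is not BusyBox code and not from anyone in this thread: it walks PATH the way the shell does, follows the hit through symlinks, and reports "internal" (a candidate for the NOEXEC/NOFORK trick) only when the hit resolves to a file named busybox; that name check, and the demo directory tree, are assumptions made for this illustration (a real implementation could compare the hit's device/inode with the running binary instead).

```shell
#!/bin/sh
# Added example, not BusyBox code: decide per command whether the program
# PATH would run is the busybox multi-call binary, so a shell could apply
# the NOEXEC/NOFORK trick only then and fork+exec everything else normally.

# Print the first executable named "$1" found in $PATH, as the shell would.
find_in_path() {
    cmd=$1
    old_ifs=$IFS
    IFS=:
    for dir in $PATH; do
        if [ -x "$dir/$cmd" ] && [ ! -d "$dir/$cmd" ]; then
            IFS=$old_ifs
            printf '%s\n' "$dir/$cmd"
            return 0
        fi
    done
    IFS=$old_ifs
    return 1
}

# Succeed when the PATH hit for "$1" resolves (through symlinks) to a file
# named busybox. Assumption: the multi-call binary is installed under that name.
is_busybox_applet() {
    target=$(find_in_path "$1") || return 1
    resolved=$(readlink -f "$target") || return 1
    [ "$(basename "$resolved")" = busybox ]
}

# Report the dispatch path a command would take under the proposed rule.
dispatch_mode() {
    if is_busybox_applet "$1"; then
        echo internal   # busybox applet: NOEXEC/NOFORK trick is allowed
    else
        echo external   # some other program won the PATH lookup: exec it
    fi
}

# Constructed demo tree: a "buildroot" bin with its own hexdump, and a
# "busybox" bin where hexdump and sed are only symlinks to busybox.
make_demo_tree() {
    root=$1
    mkdir -p "$root/buildroot/bin" "$root/busybox/bin"
    printf '#!/bin/sh\necho real hexdump\n' > "$root/buildroot/bin/hexdump"
    printf '#!/bin/sh\necho busybox\n' > "$root/busybox/bin/busybox"
    chmod +x "$root/buildroot/bin/hexdump" "$root/busybox/bin/busybox"
    ln -sf busybox "$root/busybox/bin/hexdump"
    ln -sf busybox "$root/busybox/bin/sed"
}
```

With the buildroot directory first in PATH, hexdump is reported as external while sed (only present as a busybox symlink) is internal; swapping the order makes hexdump internal too, which is exactly the distinction the NOEXEC trick needs.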
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox