On Wed, Jan 29, 2025 at 09:14:59AM +0000, Ron Yorston wrote:
> Nadav Tasher <tasherna...@gmail.com> wrote:
> > static void
> >-tryexec(IF_FEATURE_SH_STANDALONE(int applet_no,) const char *cmd, char
> >**argv, char **envp)
> >+tryexec(const char *cmd, char **argv, char **envp)
> > {
> > #if ENABLE_FEATURE_SH_STANDALONE
> >- if (applet_no >= 0) {
> >- if (APPLET_IS_NOEXEC(applet_no)) {
> >- clearenv();
> >- while (*envp)
> >- putenv(*envp++);
> >- popredir(/*drop:*/ 1);
> >- run_noexec_applet_and_exit(applet_no, cmd, argv);
> >- }
> >- /* re-exec ourselves with the new arguments */
> >- execve(bb_busybox_exec_path, argv, envp);
> >- /* If they called chroot or otherwise made the binary no longer
> >- * executable, fall through */
> >- }
>
> This removes the call to popredir() without providing any replacement.
> Since it's an internal ash function it can't be called from BB_EXECVPE.
>
> The call was introduced in commit b31b61bb9b with this description:
>
> ash: fix redir_leak.tests if STANDALONE=y
>
> If STANDALONE and we run a NOEXEC applet, saved copies of redirected fds
> were visible for the child. They have CLOEXEC bit, yes, but we do not exec
> in this case.
>
> Although the patch set doesn't touch hush, the _other_ shell in BusyBox,
> it has a similar requirement. Before running a NOEXEC applet it calls
> two internal functions: close_saved_fds_and_FILE_fds() and
> switch_off_special_sigs().
>
> Cheers,
>
> Ron
Hi!
The first issue was addressed in the 5th version of the patchset.
Regarding hush, do you think I should also implement this feature there?
Nadav
_______________________________________________
busybox mailing list
busybox@busybox.net
https://lists.busybox.net/mailman/listinfo/busybox
