Fossil SCM

Removed ping and traceroute commands from the Docker container. They require raw sockets support, which means if anyone broke into the container and managed a root privilege escalation, they could do a wide array of bad things on any network the container is bound to.

wyoung 2022-08-29 17:32 trunk
Commit f00a88f896322591ecf84c879649f1870e34bd48ec94724eaca7021bef1c3016
Parent e98603144b0440f…
1 file changed +7 -7
~ tools/busybox-config
M tools/busybox-config
+7 -7
--- tools/busybox-config
+++ tools/busybox-config
@@ -938,13 +938,13 @@
938938
 # CONFIG_FEATURE_NSLOOKUP_LONG_OPTIONS is not set
939939
 # CONFIG_NTPD is not set
940940
 # CONFIG_FEATURE_NTPD_SERVER is not set
941941
 # CONFIG_FEATURE_NTPD_CONF is not set
942942
 # CONFIG_FEATURE_NTP_AUTH is not set
943
-CONFIG_PING=y
944
-CONFIG_PING6=y
945
-CONFIG_FEATURE_FANCY_PING=y
943
+# CONFIG_PING is not set
944
+# CONFIG_PING6 is not set
945
+# CONFIG_FEATURE_FANCY_PING is not set
946946
 # CONFIG_PSCAN is not set
947947
 CONFIG_ROUTE=y
948948
 # CONFIG_SLATTACH is not set
949949
 CONFIG_SSL_CLIENT=y
950950
 # CONFIG_TC is not set
@@ -966,14 +966,14 @@
966966
 # CONFIG_FEATURE_TFTP_GET is not set
967967
 # CONFIG_FEATURE_TFTP_PUT is not set
968968
 # CONFIG_FEATURE_TFTP_BLOCKSIZE is not set
969969
 # CONFIG_TFTP_DEBUG is not set
970970
 CONFIG_TLS=y
971
-CONFIG_TRACEROUTE=y
972
-CONFIG_TRACEROUTE6=y
973
-CONFIG_FEATURE_TRACEROUTE_VERBOSE=y
974
-CONFIG_FEATURE_TRACEROUTE_USE_ICMP=y
971
+# CONFIG_TRACEROUTE is not set
972
+# CONFIG_TRACEROUTE6 is not set
973
+# CONFIG_FEATURE_TRACEROUTE_VERBOSE is not set
974
+# CONFIG_FEATURE_TRACEROUTE_USE_ICMP is not set
975975
 # CONFIG_TUNCTL is not set
976976
 # CONFIG_FEATURE_TUNCTL_UG is not set
977977
 # CONFIG_VCONFIG is not set
978978
 CONFIG_WGET=y
979979
 CONFIG_FEATURE_WGET_LONG_OPTIONS=y
980980
--- tools/busybox-config
+++ tools/busybox-config
@@ -938,13 +938,13 @@
938 # CONFIG_FEATURE_NSLOOKUP_LONG_OPTIONS is not set
939 # CONFIG_NTPD is not set
940 # CONFIG_FEATURE_NTPD_SERVER is not set
941 # CONFIG_FEATURE_NTPD_CONF is not set
942 # CONFIG_FEATURE_NTP_AUTH is not set
943 CONFIG_PING=y
944 CONFIG_PING6=y
945 CONFIG_FEATURE_FANCY_PING=y
946 # CONFIG_PSCAN is not set
947 CONFIG_ROUTE=y
948 # CONFIG_SLATTACH is not set
949 CONFIG_SSL_CLIENT=y
950 # CONFIG_TC is not set
@@ -966,14 +966,14 @@
966 # CONFIG_FEATURE_TFTP_GET is not set
967 # CONFIG_FEATURE_TFTP_PUT is not set
968 # CONFIG_FEATURE_TFTP_BLOCKSIZE is not set
969 # CONFIG_TFTP_DEBUG is not set
970 CONFIG_TLS=y
971 CONFIG_TRACEROUTE=y
972 CONFIG_TRACEROUTE6=y
973 CONFIG_FEATURE_TRACEROUTE_VERBOSE=y
974 CONFIG_FEATURE_TRACEROUTE_USE_ICMP=y
975 # CONFIG_TUNCTL is not set
976 # CONFIG_FEATURE_TUNCTL_UG is not set
977 # CONFIG_VCONFIG is not set
978 CONFIG_WGET=y
979 CONFIG_FEATURE_WGET_LONG_OPTIONS=y
980
--- tools/busybox-config
+++ tools/busybox-config
@@ -938,13 +938,13 @@
938 # CONFIG_FEATURE_NSLOOKUP_LONG_OPTIONS is not set
939 # CONFIG_NTPD is not set
940 # CONFIG_FEATURE_NTPD_SERVER is not set
941 # CONFIG_FEATURE_NTPD_CONF is not set
942 # CONFIG_FEATURE_NTP_AUTH is not set
943 # CONFIG_PING is not set
944 # CONFIG_PING6 is not set
945 # CONFIG_FEATURE_FANCY_PING is not set
946 # CONFIG_PSCAN is not set
947 CONFIG_ROUTE=y
948 # CONFIG_SLATTACH is not set
949 CONFIG_SSL_CLIENT=y
950 # CONFIG_TC is not set
@@ -966,14 +966,14 @@
966 # CONFIG_FEATURE_TFTP_GET is not set
967 # CONFIG_FEATURE_TFTP_PUT is not set
968 # CONFIG_FEATURE_TFTP_BLOCKSIZE is not set
969 # CONFIG_TFTP_DEBUG is not set
970 CONFIG_TLS=y
971 # CONFIG_TRACEROUTE is not set
972 # CONFIG_TRACEROUTE6 is not set
973 # CONFIG_FEATURE_TRACEROUTE_VERBOSE is not set
974 # CONFIG_FEATURE_TRACEROUTE_USE_ICMP is not set
975 # CONFIG_TUNCTL is not set
976 # CONFIG_FEATURE_TUNCTL_UG is not set
977 # CONFIG_VCONFIG is not set
978 CONFIG_WGET=y
979 CONFIG_FEATURE_WGET_LONG_OPTIONS=y
980

Keyboard Shortcuts

Open search /
Next entry (timeline) j
Previous entry (timeline) k
Open focused entry Enter
Show this help ?
Toggle theme Top nav button