Merge changes from CUPS 1.5svn-r9717.

git-svn-id: svn+ssh://src.apple.com/svn/cups/easysw/current@3171 a1ca3aef-8c08-0410-bb20-df032aa958be

1 files changed, 18 insertions, 2 deletions

diff --git a/scheduler/cups-exec.c b/scheduler/cups-exec.c
index 22bdd87a6..0081fb4c2 100644
--- a/scheduler/cups-exec.c
+++ b/scheduler/cups-exec.c
@@ -3,7 +3,7 @@
  *
  *   Sandbox helper for CUPS.
  *
- *   Copyright 2007-2010 by Apple Inc.
+ *   Copyright 2007-2011 by Apple Inc.
  *
  *   These coded instructions, statements, and computer programs are the
  *   property of Apple Inc. and are protected by Federal copyright
@@ -40,6 +40,7 @@ int					/* O - Exit status */
 main(int  argc,				/* I - Number of command-line args */
      char *argv[])			/* I - Command-line arguments */
 {
+  int	i;				/* Looping var */
 #ifdef HAVE_SANDBOX_H
   char	*sandbox_error = NULL;		/* Sandbox error, if any */
 #endif /* HAVE_SANDBOX_H */
@@ -61,7 +62,8 @@ main(int  argc,				/* I - Number of command-line args */
   * Run in a separate security profile...
   */
 
-  if (sandbox_init(argv[1], SANDBOX_NAMED_EXTERNAL, &sandbox_error))
+  if (strcmp(argv[1], "none") &&
+      sandbox_init(argv[1], SANDBOX_NAMED_EXTERNAL, &sandbox_error))
   {
     fprintf(stderr, "DEBUG: sandbox_init failed: %s (%s)\n", sandbox_error,
 	    strerror(errno));
@@ -71,6 +73,20 @@ main(int  argc,				/* I - Number of command-line args */
 #endif /* HAVE_SANDBOX_H */
 
  /*
+  * Close file descriptors we don't need (insurance):
+  *
+  * 0   = stdin
+  * 1   = stdout
+  * 2   = stderr
+  * 3   = back-channel
+  * 4   = side-channel
+  * 5-N = unused
+  */
+
+  for (i = 5; i < 1024; i ++)
+    close(i);
+
+ /*
   * Execute the program...
   */