procd: Do not leak pipe file descriptors to children

Without this change, a process started by procd can have access to stdout/err of processes started by procd before. Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
author: Michal Sojka <sojkam1@fel.cvut.cz> 2017-07-06 22:25:16 +0200
committer: John Crispin <john@phrozen.org> 2017-07-31 19:00:26 +0200
commit: f062b305b5ea2c77bb8286f8982f08e4c5b133ae (patch)
tree: 29da38e5e79700368b3f3585d43ccae317d0c31a
parent: 17026f4683b2a99085779e6bec3a2e67479089e0 (diff)
download: procd-f062b305b5ea2c77bb8286f8982f08e4c5b133ae.tar.gz
2 files changed, 3 insertions, 0 deletions
diff --git a/rcS.c b/rcS.c
index 4ecf0c1..b1202bf 100644
--- a/rcS.c
+++ b/rcS.c
@@ -82,6 +82,7 @@ static void q_initd_run(struct runqueue *q, struct runqueue_task *t)
 
 	if (pid) {
 		close(pipefd[1]);
+		fcntl(pipefd[0], F_SETFD, FD_CLOEXEC);
 		s->fd.stream.string_data = true,
 		s->fd.stream.notify_read = pipe_cb,
 		runqueue_process_add(q, &s->proc, pid);
diff --git a/service/instance.c b/service/instance.c
index e5c4830..bb766ea 100644
--- a/service/instance.c
+++ b/service/instance.c
@@ -444,11 +444,13 @@ instance_start(struct service_instance *in)
 	if (opipe[0] > -1) {
 		ustream_fd_init(&in->_stdout, opipe[0]);
 		closefd(opipe[1]);
+		fcntl(opipe[0], F_SETFD, FD_CLOEXEC);
 	}
 
 	if (epipe[0] > -1) {
 		ustream_fd_init(&in->_stderr, epipe[0]);
 		closefd(epipe[1]);
+		fcntl(epipe[0], F_SETFD, FD_CLOEXEC);
 	}
 
 	service_event("instance.start", in->srv->name, in->name);
author	Michal Sojka <sojkam1@fel.cvut.cz>	2017-07-06 22:25:16 +0200
committer	John Crispin <john@phrozen.org>	2017-07-31 19:00:26 +0200
commit	f062b305b5ea2c77bb8286f8982f08e4c5b133ae (patch)
tree	29da38e5e79700368b3f3585d43ccae317d0c31a
parent	17026f4683b2a99085779e6bec3a2e67479089e0 (diff)
download	procd-f062b305b5ea2c77bb8286f8982f08e4c5b133ae.tar.gz