diff options
author | Michal Sojka <sojkam1@fel.cvut.cz> | 2017-07-06 22:25:16 +0200 |
---|---|---|
committer | John Crispin <john@phrozen.org> | 2017-07-31 19:00:26 +0200 |
commit | f062b305b5ea2c77bb8286f8982f08e4c5b133ae (patch) | |
tree | 29da38e5e79700368b3f3585d43ccae317d0c31a | |
parent | 17026f4683b2a99085779e6bec3a2e67479089e0 (diff) | |
download | procd-f062b305b5ea2c77bb8286f8982f08e4c5b133ae.tar.gz |
procd: Do not leak pipe file descriptors to children
Without this change, a process started by procd can have access to
stdout/err of processes started by procd before.
Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
-rw-r--r-- | rcS.c | 1 | ||||
-rw-r--r-- | service/instance.c | 2 |
2 files changed, 3 insertions, 0 deletions
@@ -82,6 +82,7 @@ static void q_initd_run(struct runqueue *q, struct runqueue_task *t) if (pid) { close(pipefd[1]); + fcntl(pipefd[0], F_SETFD, FD_CLOEXEC); s->fd.stream.string_data = true, s->fd.stream.notify_read = pipe_cb, runqueue_process_add(q, &s->proc, pid); diff --git a/service/instance.c b/service/instance.c index e5c4830..bb766ea 100644 --- a/service/instance.c +++ b/service/instance.c @@ -444,11 +444,13 @@ instance_start(struct service_instance *in) if (opipe[0] > -1) { ustream_fd_init(&in->_stdout, opipe[0]); closefd(opipe[1]); + fcntl(opipe[0], F_SETFD, FD_CLOEXEC); } if (epipe[0] > -1) { ustream_fd_init(&in->_stderr, epipe[0]); closefd(epipe[1]); + fcntl(epipe[0], F_SETFD, FD_CLOEXEC); } service_event("instance.start", in->srv->name, in->name); |