process-util: make safe_fork() unset $NOTIFY_SOCKET

Propagating $NOTIFY_SOCKET is typically dangerous. Let's unset it unless
explicitly requested to keep it.

Fixes #27288.
Replaces #27291.

1 files changed, 8 insertions, 0 deletions

diff --git a/src/basic/process-util.c b/src/basic/process-util.c
index 58503cf22d..a9826d94d3 100644
--- a/src/basic/process-util.c
+++ b/src/basic/process-util.c
@@ -1365,6 +1365,14 @@ int safe_fork_full(
                 }
         }
 
+        if (!FLAGS_SET(flags, FORK_KEEP_NOTIFY_SOCKET)) {
+                r = RET_NERRNO(unsetenv("NOTIFY_SOCKET"));
+                if (r < 0) {
+                        log_full_errno(prio, r, "Failed to unset $NOTIFY_SOCKET: %m");
+                        _exit(EXIT_FAILURE);
+                }
+        }
+
         if (ret_pid)
                 *ret_pid = getpid_cached();