From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1S59QR-0008MF-3s for garchives@archives.gentoo.org; Wed, 07 Mar 2012 05:28:35 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 6B01DE0605; Wed, 7 Mar 2012 05:28:26 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 3FAC3E0605 for ; Wed, 7 Mar 2012 05:28:26 +0000 (UTC) Received: from hornbill.gentoo.org (hornbill.gentoo.org [94.100.119.163]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id A40341B401D for ; Wed, 7 Mar 2012 05:28:25 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by hornbill.gentoo.org (Postfix) with ESMTP id 6B8F8E5428 for ; Wed, 7 Mar 2012 05:28:24 +0000 (UTC) From: "Mike Frysinger" To: gentoo-commits@lists.gentoo.org Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Mike Frysinger" Message-ID: <1331098081.00e64315a17b5f681c5a9f0114ac18eb002faa27.vapier@gentoo> Subject: [gentoo-commits] proj/sandbox:master commit in: /, libsandbox/ X-VCS-Repository: proj/sandbox X-VCS-Files: libsandbox/libsandbox.c localdecls.h X-VCS-Directories: / libsandbox/ X-VCS-Committer: vapier X-VCS-Committer-Name: Mike Frysinger X-VCS-Revision: 00e64315a17b5f681c5a9f0114ac18eb002faa27 X-VCS-Branch: master Date: Wed, 7 Mar 2012 05:28:24 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 07b320bb-dd11-47a5-9b4c-3bbd90d89a2a X-Archives-Hash: be96970899d37c74df5c3f86183c7269 commit: 00e64315a17b5f681c5a9f0114ac18eb002faa27 Author: Mike Frysinger gentoo org> AuthorDate: Wed Mar 7 05:22:55 2012 +0000 Commit: Mike Frysinger gentoo org> CommitDate: Wed Mar 7 05:28:01 2012 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=3Dproj/sandbox.git;a= =3Dcommit;h=3D00e64315 libsandbox: mark internal fds with O_CLOEXEC We don't want to bleed these across forks/execs. Signed-off-by: Mike Frysinger gentoo.org> --- libsandbox/libsandbox.c | 4 ++-- localdecls.h | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c index a36e190..77a2415 100644 --- a/libsandbox/libsandbox.c +++ b/libsandbox/libsandbox.c @@ -386,7 +386,7 @@ static int sb_copy_file_to_fd(const char *file, int o= fd) { int ret =3D -1; =20 - int ifd =3D sb_open(file, O_RDONLY, 0); + int ifd =3D sb_open(file, O_RDONLY|O_CLOEXEC, 0); if (ifd =3D=3D -1) return ret; =20 @@ -480,7 +480,7 @@ static bool write_logfile(const char *logfile, const = char *func, const char *pat } =20 logfd =3D sb_open(logfile, - O_APPEND | O_WRONLY | O_CREAT, + O_APPEND | O_WRONLY | O_CREAT | O_CLOEXEC, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); if (logfd =3D=3D -1) { SB_EERROR("ISE:write_logfile ", "unable to append logfile\n"); diff --git a/localdecls.h b/localdecls.h index 590654d..674e848 100644 --- a/localdecls.h +++ b/localdecls.h @@ -49,6 +49,10 @@ # define MAP_ANONYMOUS MAP_ANON #endif =20 +#ifndef O_CLOEXEC +# define O_CLOEXEC 0 +#endif + #if !HAVE_DECL_ENVIRON extern char **environ; #endif