[LEDE-DEV] procd: Do not leak pipe file descriptors to children

Submitted by Michal Sojka on July 6, 2017, 8:25 p.m.

Details

Message ID 20170706202516.5135-1-sojkam1@fel.cvut.cz
State New
Delegated to: John Crispin
Headers show

Commit Message

Michal Sojka July 6, 2017, 8:25 p.m.
Without this change, a process started by procd can have access to
stdout/err of processes started by procd before.

Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
---
 rcS.c              | 1 +
 service/instance.c | 2 ++
 2 files changed, 3 insertions(+)

Patch hide | download patch | download mbox

diff --git a/rcS.c b/rcS.c
index 4ecf0c1..b1202bf 100644
--- a/rcS.c
+++ b/rcS.c
@@ -82,6 +82,7 @@  static void q_initd_run(struct runqueue *q, struct runqueue_task *t)
 
 	if (pid) {
 		close(pipefd[1]);
+		fcntl(pipefd[0], F_SETFD, FD_CLOEXEC);
 		s->fd.stream.string_data = true,
 		s->fd.stream.notify_read = pipe_cb,
 		runqueue_process_add(q, &s->proc, pid);
diff --git a/service/instance.c b/service/instance.c
index e5c4830..bb766ea 100644
--- a/service/instance.c
+++ b/service/instance.c
@@ -444,11 +444,13 @@  instance_start(struct service_instance *in)
 	if (opipe[0] > -1) {
 		ustream_fd_init(&in->_stdout, opipe[0]);
 		closefd(opipe[1]);
+		fcntl(opipe[0], F_SETFD, FD_CLOEXEC);
 	}
 
 	if (epipe[0] > -1) {
 		ustream_fd_init(&in->_stderr, epipe[0]);
 		closefd(epipe[1]);
+		fcntl(epipe[0], F_SETFD, FD_CLOEXEC);
 	}
 
 	service_event("instance.start", in->srv->name, in->name);