diff options
author | Darren Tucker <dtucker@zip.com.au> | 2010-01-08 17:07:22 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2010-01-08 17:07:22 +1100 |
commit | 6e7fe1c01b8a69099ffc42e653cc478509e84781 (patch) | |
tree | d6636498087a2b9b4fd4651edd4e0f07788e51e1 /channels.c | |
parent | f788a91624601857c586a4dd97c66083946e7781 (diff) |
- dtucker@cvs.openbsd.org 2009/11/10 04:30:45
[sshconnect2.c channels.c sshconnect.c]
Set close-on-exec on various descriptors so they don't get leaked to
child processes. bz #1643, patch from jchadima at redhat, ok deraadt.
Diffstat (limited to 'channels.c')
-rw-r--r-- | channels.c | 10 |
1 files changed, 8 insertions, 2 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.297 2009/10/28 16:38:18 reyk Exp $ */ +/* $OpenBSD: channels.c,v 1.298 2009/11/10 04:30:44 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -53,6 +53,7 @@ #include <arpa/inet.h> #include <errno.h> +#include <fcntl.h> #include <netdb.h> #include <stdio.h> #include <stdlib.h> @@ -231,7 +232,12 @@ channel_register_fds(Channel *c, int rfd, int wfd, int efd, channel_max_fd = MAX(channel_max_fd, wfd); channel_max_fd = MAX(channel_max_fd, efd); - /* XXX set close-on-exec -markus */ + if (rfd != -1) + fcntl(rfd, F_SETFD, FD_CLOEXEC); + if (wfd != -1 && wfd != rfd) + fcntl(wfd, F_SETFD, FD_CLOEXEC); + if (efd != -1 && efd != rfd && efd != wfd) + fcntl(efd, F_SETFD, FD_CLOEXEC); c->rfd = rfd; c->wfd = wfd; |