author | Ken Raeburn <raeburn@mit.edu> | 2007-10-22 19:18:53 +0000 |
---|---|---|
committer | Ken Raeburn <raeburn@mit.edu> | 2007-10-22 19:18:53 +0000 |
commit | 3d8fa6bb4012296a53fe04e486a9157a2963b644 (patch) | |
tree | 7c0f5dcc658ebd75d758024a21097af95d616e05 /src/lib/rpc/getrpcent.c | |
parent | 70e8d7a6c50bbdb547150eba0abdef46d93d5b71 (diff) | |
Set close-on-exec flag in most places where file descriptors are
opened in our libraries (in case another application thread spawns a
new process) and in the KDC programs (in case a plugin library spawns
a new process).
Checked calls to: open fopen THREEPARAMOPEN mkstemp socket accept dup
dup2 pipe. In: util lib plugins kdc kadmin/server krb524.
The various programs are less critical than the libraries, as any
well-written plugin that spawns a new process should close all file
descriptors it doesn't need to communicate with the new process.
This approach also isn't bulletproof, as the call to set the
close-on-exec flag is necessarily a separate call from creating the
file descriptor, and the fork call could happen in between them. So
plugins should be careful regardless of this patch; it will only
reduce the window of potential lossage should a plugin be poorly
written. (AFAIK there are currently no plugins that spawn processes
where this would be a problem.)
Update dependencies.
ticket: 5561
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20143 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/rpc/getrpcent.c')
-rw-r--r-- | src/lib/rpc/getrpcent.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/src/lib/rpc/getrpcent.c b/src/lib/rpc/getrpcent.c
index a91a7a5..0654039 100644
--- a/src/lib/rpc/getrpcent.c
+++ b/src/lib/rpc/getrpcent.c
@@ -125,9 +125,11 @@ SETRPCENT_TYPE setrpcent(int f)
 
 if (d == 0)
 return;
- if (d->rpcf == NULL)
+ if (d->rpcf == NULL) {
 d->rpcf = fopen(RPCDB, "r");
- else
+ if (d->rpcf)
+ set_cloexec_file(d->rpcf);
+ } else
 rewind(d->rpcf);
 if (d->current)
 free(d->current);
@@ -162,9 +164,12 @@ getrpcent(void)
 
 if (d == 0)
 return(NULL);
- if (d->rpcf == NULL && (d->rpcf = fopen(RPCDB, "r")) == NULL)
+ if (d->rpcf == NULL) {
+ if ((d->rpcf = fopen(RPCDB, "r")) == NULL)
 return (NULL);
- if (fgets(d->line, BUFSIZ, d->rpcf) == NULL)
+ set_cloexec_file(d->rpcf);
+ }
+ if (fgets(d->line, BUFSIZ, d->rpcf) == NULL)
 return (NULL);
 return interpret(d->line, strlen(d->line));
 }
|
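Review bot: The `fopen(RPCDB, "r")` plus `set_cloexec_file()` sequence is now written out twice, once in the setrpcent hunk and once in the getrpcent hunk, so a later change to one open path can leave the other without the flag. A single static helper would keep the two paths identical and give one place for a comment saying why the descriptor is marked close-on-exec. That helper is also the natural place to request the flag atomically where the platform allows it (glibc 2.7 and later accept an `e` mode flag in fopen), with set_cloexec_file kept as the fallback. The definition of set_cloexec_file is not visible in this diff, so it is worth confirming whether a failed flag-set is reported anywhere. Both function bodies begin outside their hunks.

```c
/* Open RPCDB read-only and mark the descriptor close-on-exec so it is not
 * inherited by a process spawned from another thread or a plugin. */
static FILE *
open_rpcdb(void)
{
	FILE *f = fopen(RPCDB, "r");

	if (f != NULL)
		set_cloexec_file(f);
	return f;
}

/* ... unchanged: setrpcent prologue and the d == 0 check ... */
	if (d->rpcf == NULL)
		d->rpcf = open_rpcdb();
	else
		rewind(d->rpcf);

/* ... unchanged: getrpcent prologue and the d == 0 check ... */
	if (d->rpcf == NULL && (d->rpcf = open_rpcdb()) == NULL)
		return (NULL);
```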