syslogd close higher fds on pipe exec

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

syslogd close higher fds on pipe exec

Martijn van Duren-5
I don't think we should keep these fds around on exec.

OK?

Index: privsep.c
===================================================================
RCS file: /cvs/src/usr.sbin/syslogd/privsep.c,v
retrieving revision 1.71
diff -u -p -r1.71 privsep.c
--- privsep.c 5 Jul 2019 13:23:27 -0000 1.71
+++ privsep.c 16 Sep 2020 09:59:36 -0000
@@ -519,6 +519,7 @@ open_pipe(char *cmd)
 
  if (dup2(fd[0], STDIN_FILENO) == -1)
  err(1, "dup2 failed");
+ closefrom(STDERR_FILENO + 1);
  if (execv("/bin/sh", argp) == -1)
  err(1, "execv %s", cmd);
  /* NOTREACHED */