nss-pam-ldapd commit: r1821 - nss-pam-ldapd/common

[Commits of the nss-pam-ldapd project <nss-pam-ldapd-commits [at] lists.arthurdejong.org>]

Author: arthur
Date: Sun Nov 11 17:40:41 2012
New Revision: 1821
URL: http://arthurdejong.org/viewvc/nss-pam-ldapd?revision=1821&view=revision

Log:
set FD_CLOEXEC to ensure that nslcd file descriptor is not leaked to child 
processes

Modified:
   nss-pam-ldapd/common/nslcd-prot.c

Modified: nss-pam-ldapd/common/nslcd-prot.c
==============================================================================
--- nss-pam-ldapd/common/nslcd-prot.c   Sun Nov 11 16:37:22 2012        (r1820)
+++ nss-pam-ldapd/common/nslcd-prot.c   Sun Nov 11 17:40:41 2012        (r1821)
@@ -33,6 +33,7 @@
 #include <sys/stat.h>
 #include <errno.h>
 #include <string.h>
+#include <fcntl.h>
 
 #include "nslcd.h"
 #include "nslcd-prot.h"
@@ -62,6 +63,7 @@
   int sock;
   struct sockaddr_un addr;
   TFILE *fp;
+  int flags;
   /* create a socket */
   if ( (sock=socket(PF_UNIX,SOCK_STREAM,0))<0 )
     return NULL;
@@ -70,6 +72,10 @@
   addr.sun_family=AF_UNIX;
   strncpy(addr.sun_path,NSLCD_SOCKET,sizeof(addr.sun_path));
   addr.sun_path[sizeof(addr.sun_path)-1]='\0';
+  /* close the file descriptor on exec (ignore errors) */
+  flags=fcntl(sock,F_GETFL);
+  if (flags>=0)
+    (void)fcntl(sock,F_SETFD,flags|FD_CLOEXEC);
   /* connect to the socket */
   if (connect(sock,(struct sockaddr *)&addr,SUN_LEN(&addr))<0)
   {
-- 
To unsubscribe send an email to
nss-pam-ldapd-commits-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-commits/