Really, there's pretty much no time we'd ever want O_CLOEXEC unset,
as it will likely result in leaking fds to processes that aren't
interested in them or shouldn't have them.
This also removes the (now unused) code from weston_logind_open() that
could drop O_CLOEXEC.
Signed-off-by: Derek Foreman <derekf@osg.samsung.com>
Reviewed-by: Daniel Stone <daniels@collabora.com>
Reviewed-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
struct weston_launcher_open *message;
struct stat s;
+ /* We really don't want to be leaking fds to child processes so
+ * we force this flag here. If someone comes up with a legitimate
+ * reason to not CLOEXEC they'll need to unset the flag manually.
+ */
+ flags |= O_CLOEXEC;
+
if (launcher->logind)
return weston_logind_open(launcher->logind, path, flags);
if (launcher->fd == -1) {
- fd = open(path, flags | O_CLOEXEC);
+ fd = open(path, flags);
if (fd == -1)
return -1;
* directly. Instead, logind passes us an fd with sane default modes.
* For DRM and evdev this means O_RDWR | O_CLOEXEC. If we want
* something else, we need to change it afterwards. We currently
- * only support dropping FD_CLOEXEC and setting O_NONBLOCK. Changing
- * access-modes is not possible so accept whatever logind passes us. */
+ * only support setting O_NONBLOCK. Changing access-modes is not
+ * possible so accept whatever logind passes us. */
fl = fcntl(fd, F_GETFL);
if (fl < 0) {
r = -errno;
goto err_close;
}
-
- fl = fcntl(fd, F_GETFD);
- if (fl < 0) {
- r = -errno;
- goto err_close;
- }
-
- if (!(flags & O_CLOEXEC))
- fl &= ~FD_CLOEXEC;
-
- r = fcntl(fd, F_SETFD, fl);
- if (r < 0) {
- r = -errno;
- goto err_close;
- }
-
return fd;
err_close:
projects / platform / upstream / weston.git / commitdiff