- force FD_CLOEXEC on 1st 100 inherited fdno's.

CVS patchset: 7125
CVS date: 2004/02/23 00:43:45

diff --git a/CHANGES b/CHANGES
index e588976..4185443 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -22,6 +22,7 @@
        - fix: only first "mkdir -p" directory had context set.
        - stable sort for policy specifications, patterns before paths.
        - set "rpm_script_t" exec type for scriptlets iff /bin/sh, else default.
+       - force FD_CLOEXEC on 1st 100 inherited fdno's.
 
 4.2.1 -> 4.2.2:
        - unify signal handling in librpmio, use condvar to deliver signal.

diff --git a/lib/psm.c b/lib/psm.c
index 122dd76..ea06008 100644 (file)
--- a/lib/psm.c
+++ b/lib/psm.c
@@ -737,6 +737,8 @@ static rpmRC runScript(rpmpsm psm, Header h, const char * sln,
     if (psm->sq.child == 0) {
        const char * rootDir;
        int pipes[2];
+       int flag;
+       int fdno;
 
        pipes[0] = pipes[1] = 0;
        /* make stdin inaccessible */
@@ -745,6 +747,15 @@ static rpmRC runScript(rpmpsm psm, Header h, const char * sln,
        xx = dup2(pipes[0], STDIN_FILENO);
        xx = close(pipes[0]);
 
+       /* XXX Force FD_CLOEXEC on 1st 100 inherited fdno's. */
+       for (fdno = 3; fdno < 100; fdno++) {
+           flag = fcntl(fdno, F_GETFD);
+           if (flag == -1 || (flag & FD_CLOEXEC))
+               continue;
+           xx = fcntl(fdno, F_SETFD, FD_CLOEXEC);
+           /* XXX W2DO? debug msg for inheirited fdno w/o FD_CLOEXEC */
+       }
+
        if (scriptFd != NULL) {
            int sfdno = Fileno(scriptFd);
            int ofdno = Fileno(out);

diff --git a/rpm.spec.in b/rpm.spec.in
index a763c69..8505a02 100644 (file)
--- a/rpm.spec.in
+++ b/rpm.spec.in
@@ -486,6 +486,7 @@ exit 0
 - add ia32e arch.
 - stable sort for policy specifications, patterns before paths.
 - set "rpm_script_t" exec type for scriptlets iff /bin/sh, else default.
+- force FD_CLOEXEC on 1st 100 inherited fdno's.
 
 * Fri Feb 20 2004 Jeff Johnson <jbj@jbj.org> 4.3-0.13
 - fix: only first "mkdir -p" directory had context set.