diff options
author | Gary Lockyer <gary@catalyst.net.nz> | 2017-12-11 09:31:33 +1300 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2017-12-18 04:38:19 +0100 |
commit | 8b3c58251146d2e982a6c9fdb3828ca65e307a96 (patch) | |
tree | 5ca3bb21cadad71f1236acf8c24f715ff19ff3d5 /lib/async_req | |
parent | 954eddd0b8c25424fd44bbd002ba36873fe2c8d4 (diff) | |
download | samba-8b3c58251146d2e982a6c9fdb3828ca65e307a96.tar.gz |
lib/async_req/async_sock.c set socket close on exec
Set SOCKET_CLOEXEC on the sockets returned by accept. This ensures that
the socket is unavailable to any child process created by system().
Making it harder for malicious code to set up a command channel,
as seen in the exploit for CVE-2015-0240
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'lib/async_req')
-rw-r--r-- | lib/async_req/async_sock.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/async_req/async_sock.c b/lib/async_req/async_sock.c index db3916e07e7..0a8a333f4f3 100644 --- a/lib/async_req/async_sock.c +++ b/lib/async_req/async_sock.c @@ -738,6 +738,7 @@ static void accept_handler(struct tevent_context *ev, struct tevent_fd *fde, tevent_req_error(req, errno); return; } + smb_set_close_on_exec(ret); state->sock = ret; tevent_req_done(req); } |