diff options
author | Gary Lockyer <gary@catalyst.net.nz> | 2017-12-11 09:39:43 +1300 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2017-12-18 04:38:20 +0100 |
commit | 3a504d48c39a9dda97b3d02d63c247329631d168 (patch) | |
tree | 32628dd8975ab8152c70bb532ec8bad0e2e40b16 /source3/rpc_server/rpc_server.c | |
parent | 34f7894719dccd701f2bd9eee5669ea8b1ab7473 (diff) | |
download | samba-3a504d48c39a9dda97b3d02d63c247329631d168.tar.gz |
source3/rpc_server/rpc_server.c set socket close on exec
Set SOCKET_CLOEXEC on the sockets returned by accept. This ensures that
the socket is unavailable to any child process created by system().
Making it harder for malicious code to set up a command channel,
as seen in the exploit for CVE-2015-0240
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source3/rpc_server/rpc_server.c')
-rw-r--r-- | source3/rpc_server/rpc_server.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/source3/rpc_server/rpc_server.c b/source3/rpc_server/rpc_server.c index e15cd205cdc..94335b3ea53 100644 --- a/source3/rpc_server/rpc_server.c +++ b/source3/rpc_server/rpc_server.c @@ -216,6 +216,7 @@ static void named_pipe_listener(struct tevent_context *ev, } return; } + smb_set_close_on_exec(sd); DEBUG(6, ("Accepted socket %d\n", sd)); @@ -722,6 +723,7 @@ static void dcerpc_ncacn_tcpip_listener(struct tevent_context *ev, } return; } + smb_set_close_on_exec(s); rc = tsocket_address_bsd_from_sockaddr(state, (struct sockaddr *)(void *) &addr, @@ -892,6 +894,7 @@ static void dcerpc_ncalrpc_listener(struct tevent_context *ev, } return; } + smb_set_close_on_exec(sd); rc = tsocket_address_bsd_from_sockaddr(state, addr, len, |