summaryrefslogtreecommitdiff
path: root/source3/rpc_server/rpc_server.c
diff options
context:
space:
mode:
authorGary Lockyer <gary@catalyst.net.nz>2017-12-11 09:39:43 +1300
committerAndrew Bartlett <abartlet@samba.org>2017-12-18 04:38:20 +0100
commit3a504d48c39a9dda97b3d02d63c247329631d168 (patch)
tree32628dd8975ab8152c70bb532ec8bad0e2e40b16 /source3/rpc_server/rpc_server.c
parent34f7894719dccd701f2bd9eee5669ea8b1ab7473 (diff)
downloadsamba-3a504d48c39a9dda97b3d02d63c247329631d168.tar.gz
source3/rpc_server/rpc_server.c set socket close on exec
Set SOCKET_CLOEXEC on the sockets returned by accept. This ensures that the socket is unavailable to any child process created by system(). Making it harder for malicious code to set up a command channel, as seen in the exploit for CVE-2015-0240 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source3/rpc_server/rpc_server.c')
-rw-r--r--source3/rpc_server/rpc_server.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/source3/rpc_server/rpc_server.c b/source3/rpc_server/rpc_server.c
index e15cd205cdc..94335b3ea53 100644
--- a/source3/rpc_server/rpc_server.c
+++ b/source3/rpc_server/rpc_server.c
@@ -216,6 +216,7 @@ static void named_pipe_listener(struct tevent_context *ev,
}
return;
}
+ smb_set_close_on_exec(sd);
DEBUG(6, ("Accepted socket %d\n", sd));
@@ -722,6 +723,7 @@ static void dcerpc_ncacn_tcpip_listener(struct tevent_context *ev,
}
return;
}
+ smb_set_close_on_exec(s);
rc = tsocket_address_bsd_from_sockaddr(state,
(struct sockaddr *)(void *) &addr,
@@ -892,6 +894,7 @@ static void dcerpc_ncalrpc_listener(struct tevent_context *ev,
}
return;
}
+ smb_set_close_on_exec(sd);
rc = tsocket_address_bsd_from_sockaddr(state,
addr, len,