[exim-cvs] Set FD_CLOEXEC on SMTP sockets after forking to h…

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Exim Git Commits Mailing List
Data:  
Para: exim-cvs
Assunto: [exim-cvs] Set FD_CLOEXEC on SMTP sockets after forking to handle the connection.
Gitweb: http://git.exim.org/exim.git/commitdiff/fa32850be0d9e605da1b33305c122f7a59a24650
Commit:     fa32850be0d9e605da1b33305c122f7a59a24650
Parent:     261dc43e32f6039781ca92535e56f5caaa68b809
Author:     David Woodhouse <David.Woodhouse@???>
AuthorDate: Sun Dec 12 02:48:18 2010 +0000
Committer:  David Woodhouse <David.Woodhouse@???>
CommitDate: Sun Dec 12 02:52:20 2010 +0000


    Set FD_CLOEXEC on SMTP sockets after forking to handle the connection.
---
 doc/doc-txt/ChangeLog |    3 +++
 src/src/daemon.c      |    7 +++++++
 2 files changed, 10 insertions(+), 0 deletions(-)


diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index cf30701..624e0a8 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -89,6 +89,9 @@ DW/24 Bugzilla 1044: CVE-2010-4345 - part three: remove ALT_CONFIG_ROOT_ONLY
 DW/25 Add TRUSTED_CONFIG_PREFIX_FILE option to allow alternative configuration
       files to be used while preserving root privileges.


+DW/26 Set FD_CLOEXEC on SMTP sockets after forking in the daemon, to ensure
+      that rogue child processes cannot use them.
+


Exim version 4.72
-----------------
diff --git a/src/src/daemon.c b/src/src/daemon.c
index 8e6d667..3db9be3 100644
--- a/src/src/daemon.c
+++ b/src/src/daemon.c
@@ -425,6 +425,13 @@ if (pid == 0)

for (i = 0; i < listen_socket_count; i++) (void)close(listen_sockets[i]);

+  /* Set FD_CLOEXEC on the SMTP socket. We don't want any rogue child processes
+  to be able to communicate with them, under any circumstances. */
+  (void)fcntl(accept_socket, F_SETFD,
+              fcntl(accept_socket, F_GETFD) | FD_CLOEXEC);
+  (void)fcntl(dup_accept_socket, F_SETFD,
+              fcntl(dup_accept_socket, F_GETFD) | FD_CLOEXEC);
+
   #ifdef SA_NOCLDWAIT
   act.sa_handler = SIG_IGN;
   sigemptyset(&(act.sa_mask));