aboutsummaryrefslogtreecommitdiff
path: root/proc.c
diff options
context:
space:
mode:
Diffstat (limited to 'proc.c')
-rw-r--r--proc.c16
1 files changed, 14 insertions, 2 deletions
diff --git a/proc.c b/proc.c
index 171a58e..b9e45f0 100644
--- a/proc.c
+++ b/proc.c
@@ -238,10 +238,16 @@ proc_init(struct privsep *ps, struct privsep_proc *procs, unsigned int nproc,
pa = &ps->ps_pipes[PROC_PARENT][0];
pb = &ps->ps_pipes[dst][proc];
if (socketpair(AF_UNIX,
- SOCK_STREAM | SOCK_NONBLOCK | SOCK_CLOEXEC,
+ SOCK_STREAM,
PF_UNSPEC, fds) == -1)
fatal("%s: socketpair", __func__);
+ mark_nonblock(fds[0]);
+ mark_nonblock(fds[1]);
+ if (fcntl(fds[0], F_SETFD, FD_CLOEXEC) == -1 ||
+ fcntl(fds[1], F_SETFD, FD_CLOEXEC) == -1)
+ fatal("%s: fcntl F_SETFD", __func__);
+
pa->pp_pipes[dst][proc] = fds[0];
pb->pp_pipes[PROC_PARENT][0] = fds[1];
}
@@ -432,10 +438,16 @@ proc_open(struct privsep *ps, int src, int dst)
pa = &ps->ps_pipes[src][i];
pb = &ps->ps_pipes[dst][j];
if (socketpair(AF_UNIX,
- SOCK_STREAM | SOCK_NONBLOCK | SOCK_CLOEXEC,
+ SOCK_STREAM,
PF_UNSPEC, fds) == -1)
fatal("%s: socketpair", __func__);
+ mark_nonblock(fds[0]);
+ mark_nonblock(fds[1]);
+ if (fcntl(fds[0], F_SETFD, FD_CLOEXEC) == -1 ||
+ fcntl(fds[1], F_SETFD, FD_CLOEXEC) == -1)
+ fatal("%s: fcntl F_SETFD", __func__);
+
pa->pp_pipes[dst][j] = fds[0];
pb->pp_pipes[src][i] = fds[1];