diff options
Diffstat (limited to 'proc.c')
-rw-r--r-- | proc.c | 16 |
1 files changed, 14 insertions, 2 deletions
@@ -238,10 +238,16 @@ proc_init(struct privsep *ps, struct privsep_proc *procs, unsigned int nproc, pa = &ps->ps_pipes[PROC_PARENT][0]; pb = &ps->ps_pipes[dst][proc]; if (socketpair(AF_UNIX, - SOCK_STREAM | SOCK_NONBLOCK | SOCK_CLOEXEC, + SOCK_STREAM, PF_UNSPEC, fds) == -1) fatal("%s: socketpair", __func__); + mark_nonblock(fds[0]); + mark_nonblock(fds[1]); + if (fcntl(fds[0], F_SETFD, FD_CLOEXEC) == -1 || + fcntl(fds[1], F_SETFD, FD_CLOEXEC) == -1) + fatal("%s: fcntl F_SETFD", __func__); + pa->pp_pipes[dst][proc] = fds[0]; pb->pp_pipes[PROC_PARENT][0] = fds[1]; } @@ -432,10 +438,16 @@ proc_open(struct privsep *ps, int src, int dst) pa = &ps->ps_pipes[src][i]; pb = &ps->ps_pipes[dst][j]; if (socketpair(AF_UNIX, - SOCK_STREAM | SOCK_NONBLOCK | SOCK_CLOEXEC, + SOCK_STREAM, PF_UNSPEC, fds) == -1) fatal("%s: socketpair", __func__); + mark_nonblock(fds[0]); + mark_nonblock(fds[1]); + if (fcntl(fds[0], F_SETFD, FD_CLOEXEC) == -1 || + fcntl(fds[1], F_SETFD, FD_CLOEXEC) == -1) + fatal("%s: fcntl F_SETFD", __func__); + pa->pp_pipes[dst][j] = fds[0]; pb->pp_pipes[src][i] = fds[1]; |