diff options
Diffstat (limited to 'tools')
-rw-r--r-- | tools/syslogd.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/tools/syslogd.c b/tools/syslogd.c index 77273bec..45c55664 100644 --- a/tools/syslogd.c +++ b/tools/syslogd.c @@ -3015,7 +3015,6 @@ static rsRetVal mainThread() glbl.SetHUPisRestart(0); /* we can not do restart-type HUPs with dropped privs */ } - /* END OF INTIALIZATION * ... but keep in mind that we might do a restart and thus init() might * be called again. If that happens, we must shut down the worker thread, @@ -3024,6 +3023,19 @@ static rsRetVal mainThread() */ dbgprintf("initialization completed, transitioning to regular run mode\n"); + /* close stderr and stdout if they are kept open during a fork. Note that this + * may introduce subtle security issues: if we are in a jail, one may break out of + * it via these descriptors. But if I close them earlier, error messages will (once + * again) not be emitted to the user that starts the daemon. As root jail support + * is still in its infancy (and not really done), we currently accept this issue. + * rgerhards, 2009-06-29 + */ + if(!(Debug || NoFork)) { + close(1); + close(2); + bErrMsgToStderr = 0; + } + mainloop(); finalize_it: |