From 3d8fa6bb4012296a53fe04e486a9157a2963b644 Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Mon, 22 Oct 2007 19:18:53 +0000 Subject: Set close-on-exec flag in most places where file descriptors are opened in our libraries (in case another application thread spawns a new process) and in the KDC programs (in case a plugin library spawns a new process). Checked calls to: open fopen THREEPARAMOPEN mkstemp socket accept dup dup2 pipe. In: util lib plugins kdc kadmin/server krb524. The various programs are less critical than the libraries, as any well-written plugin that spawns a new process should close all file descriptors it doesn't need to communicate with the new process. This approach also isn't bulletproof, as the call to set the close-on-exec flag is necessarily a separate call from creating the file descriptor, and the fork call could happen in between them. So plugins should be careful regardless of this patch; it will only reduce the window of potential lossage should a plugin be poorly written. (AFAIK there are currently no plugins that spawn processes where this would be a problem.) Update dependencies. ticket: 5561 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20143 dc483132-0cff-0310-8789-dd5450dbe970 --- src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 1 + src/plugins/preauth/pkinit/pkinit_lib.c | 2 ++ 2 files changed, 3 insertions(+) (limited to 'src/plugins/preauth') diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c index 1859b4f1a..e7e04d8ee 100644 --- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c +++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c @@ -3736,6 +3736,7 @@ pkinit_get_certs_pkcs12(krb5_context context, idopts->cert_filename, errno); goto cleanup; } + set_cloexec_file(fp); p12 = d2i_PKCS12_fp(fp, NULL); fclose(fp); diff --git a/src/plugins/preauth/pkinit/pkinit_lib.c b/src/plugins/preauth/pkinit/pkinit_lib.c index f49ef5ebf..046e3e264 100644 --- a/src/plugins/preauth/pkinit/pkinit_lib.c +++ b/src/plugins/preauth/pkinit/pkinit_lib.c @@ -470,6 +470,8 @@ print_buffer_bin(unsigned char *buf, unsigned int len, char *filename) if ((f = fopen(filename, "w")) == NULL) return; + set_cloexec_file(f); + for (i = 0; i < len; i++) fputc(buf[i], f); -- cgit