URL:
<http://savannah.gnu.org/bugs/?27375>
Summary: find leaks fds to child processes
Project: findutils
Submitted by: ericb
Submitted on: Wed 02 Sep 2009 03:37:26 PM MDT
Category: find
Severity: 3 - Normal
Item Group: Wrong result
Status: Confirmed
Privacy: Public
Assigned to: ericb
Originator Name: Eric Blake
Originator Email: [email protected]
Open/Closed: Open
Discussion Lock: Any
Release: None
Fixed Release: None
_______________________________________________________
Details:
Find currently leaks directory fds to child processes. This could be
considered a minor security hole, since a rogue child could fchdir into a
directory that would otherwise be inaccessible, or even play games such as
using rewinddir(fdopendir(n)) on a leaked fd to change the state visible if
the parent later calls readdir on the same underlying fd. Also, the leak puts
the child that much closer to hitting EMFILE limits.
$ find dir -exec ls -l /proc/self/fd \;
total 0
lrwxrwxrwx 1 eblake Domain Users 0 Nov 30 2006 0 -> /dev/tty1
lrwxrwxrwx 1 eblake Domain Users 0 Nov 30 2006 1 -> /dev/tty1
lrwxrwxrwx 1 eblake Domain Users 0 Nov 30 2006 2 -> /dev/tty1
lrwxrwxrwx 1 eblake Domain Users 0 Nov 30 2006 3 -> /home/eblake/findutils
lrwxrwxrwx 1 eblake Domain Users 0 Nov 30 2006 4 -> /proc/8064/fd
total 0
lrwxrwxrwx 1 eblake Domain Users 0 Nov 30 2006 0 -> /dev/tty1
lrwxrwxrwx 1 eblake Domain Users 0 Nov 30 2006 1 -> /dev/tty1
lrwxrwxrwx 1 eblake Domain Users 0 Nov 30 2006 2 -> /dev/tty1
lrwxrwxrwx 1 eblake Domain Users 0 Nov 30 2006 3 -> /home/eblake/findutils
lrwxrwxrwx 1 eblake Domain Users 0 Nov 30 2006 4 -> /proc/69896/fd
lrwxrwxrwx 1 eblake Domain Users 0 Nov 30 2006 5 ->
/home/eblake/findutils/dir
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?27375>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
