syslogd close higher fds on pipe exec

Martijn van Duren Wed, 16 Sep 2020 03:01:48 -0700

I don't think we should keep these fds around on exec.

OK?


Index: privsep.c
===================================================================
RCS file: /cvs/src/usr.sbin/syslogd/privsep.c,v
retrieving revision 1.71
diff -u -p -r1.71 privsep.c
--- privsep.c   5 Jul 2019 13:23:27 -0000       1.71
+++ privsep.c   16 Sep 2020 09:59:36 -0000
@@ -519,6 +519,7 @@ open_pipe(char *cmd)
 
        if (dup2(fd[0], STDIN_FILENO) == -1)
                err(1, "dup2 failed");
+       closefrom(STDERR_FILENO + 1);
        if (execv("/bin/sh", argp) == -1)
                err(1, "execv %s", cmd);
        /* NOTREACHED */

syslogd close higher fds on pipe exec

Reply via email to