summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authoreric <eric@openbsd.org>2016-09-06 16:34:29 +0000
committereric <eric@openbsd.org>2016-09-06 16:34:29 +0000
commit366735a18765c2410f3cb37ff804b6a9bc03279a (patch)
treec86a747134e9cbe075b8e35fa127bc870133728e
parentIf you have a paragraph: (diff)
downloadwireguard-openbsd-366735a18765c2410f3cb37ff804b6a9bc03279a.tar.xz
wireguard-openbsd-366735a18765c2410f3cb37ff804b6a9bc03279a.zip
use closefrom() before reexec to make sure the new process only gets
the imsg socket. ok gilles@ sunil@
Diffstat
-rw-r--r--usr.sbin/smtpd/smtpd.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/usr.sbin/smtpd/smtpd.c b/usr.sbin/smtpd/smtpd.c
index c638e043e8c..661915d935d 100644
--- a/usr.sbin/smtpd/smtpd.c
+++ b/usr.sbin/smtpd/smtpd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: smtpd.c,v 1.284 2016/09/04 16:10:31 eric Exp $ */
+/* $OpenBSD: smtpd.c,v 1.285 2016/09/06 16:34:29 eric Exp $ */
/*
* Copyright (c) 2008 Gilles Chehade <gilles@poolp.org>
@@ -810,11 +810,12 @@ start_child(int save_argc, char **save_argv, char *rexec)
return p;
}
- close(sp[1]);
-
if (dup2(sp[0], 3) == -1)
fatal("%s: dup2", rexec);
+ if (closefrom(4) == -1)
+ fatal("%s: closefrom", rexec);
+
for (argc = 0; argc < save_argc; argc++)
argv[argc] = save_argv[argc];
argv[argc++] = "-x";
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.