Package: watchdog
Version: 5.4-10
Severity: normal
The following patch sets the socket handle for raw socket access to close on
exec. This means that when popen is used to spawn sendmail the sendmail
process won't inherit the file handle.
I don't know if this is the only file handle that might be inappropriately
inherited, but it's the only one that appeared in my tests.
diff -ru watchdog-5.4.bak/src/watchdog.c watchdog-5.4/src/watchdog.c
--- watchdog-5.4.bak/src/watchdog.c 2007-08-17 19:24:54.000000000 +1000
+++ watchdog-5.4/src/watchdog.c 2009-10-27 23:10:03.000000000 +1100
@@ -555,7 +555,8 @@
(void) fprintf(stderr, "%s: unknown protocol icmp.\n",
progname);
exit(1);
}
- if ((net->sock_fp = socket(AF_INET, SOCK_RAW, proto->p_proto)) < 0)
{
+ if ((net->sock_fp = socket(AF_INET, SOCK_RAW, proto->p_proto)) < 0
+ || fcntl(net->sock_fp, F_SETFD, 1)) {
perror(progname);
exit(1);
}
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
