`xl devd` has been observed leaking /var/log/xldevd.log into children. Note this is specifically safe; dup2() leaves O_CLOEXEC disabled on newfd, so after setting up stdout/stderr, it's only the logfile fd which will close on exec().
Link: https://github.com/QubesOS/qubes-issues/issues/8292 Reported-by: Demi Marie Obenour <[email protected]> Signed-off-by: Andrew Cooper <[email protected]> --- CC: Anthony PERARD <[email protected]> CC: Juergen Gross <[email protected]> CC: Demi Marie Obenour <[email protected]> CC: Marek Marczykowski-Górecki <[email protected]> CC: Oleksii Kurochko <[email protected]> Also entirely speculative based on the QubesOS ticket. v2: * Extend the commit message to explain why stdout/stderr aren't closed by this change For 4.19. This bugfix was posted earlier, but fell between the cracks. --- tools/xl/xl_utils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/xl/xl_utils.c b/tools/xl/xl_utils.c index 17489d182954..060186db3a59 100644 --- a/tools/xl/xl_utils.c +++ b/tools/xl/xl_utils.c @@ -270,7 +270,7 @@ int do_daemonize(const char *name, const char *pidfile) exit(-1); } - CHK_SYSCALL(logfile = open(fullname, O_WRONLY|O_CREAT|O_APPEND, 0644)); + CHK_SYSCALL(logfile = open(fullname, O_WRONLY | O_CREAT | O_APPEND | O_CLOEXEC, 0644)); free(fullname); assert(logfile >= 3); -- 2.39.2
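Review bot: at the changed open() call in do_daemonize(), the reason O_CLOEXEC is safe is recorded only in the commit message. A short comment above the call would keep that reasoning with the code: the later dup2() onto stdout/stderr produces descriptors without O_CLOEXEC, so only the original logfile fd closes on exec(). The argument also depends on the `assert(logfile >= 3)` two lines below. dup2() with oldfd equal to newfd does nothing, so a logfile fd of 1 or 2 would leave O_CLOEXEC set on a standard stream. If this file can be built with NDEBUG the assert would not catch that, so consider an explicit check with an error exit instead.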
