launcher-util: Force all weston_launcher_open()s to use O_CLOEXEC

Really, there's pretty much no time we'd ever want O_CLOEXEC unset,
as it will likely result in leaking fds to processes that aren't
interested in them or shouldn't have them.

This also removes the (now unused) code from weston_logind_open() that
could drop O_CLOEXEC.

Signed-off-by: Derek Foreman <derekf@osg.samsung.com>
Reviewed-by: Daniel Stone <daniels@collabora.com>
Reviewed-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
dev
Derek Foreman 10 years ago committed by Pekka Paalanen
parent 8f5acc2f3a
commit 2663c68330
  1. 8
      src/launcher-util.c
  2. 20
      src/logind-util.c

@ -114,11 +114,17 @@ weston_launcher_open(struct weston_launcher *launcher,
struct weston_launcher_open *message;
struct stat s;
/* We really don't want to be leaking fds to child processes so
* we force this flag here. If someone comes up with a legitimate
* reason to not CLOEXEC they'll need to unset the flag manually.
*/
flags |= O_CLOEXEC;
if (launcher->logind)
return weston_logind_open(launcher->logind, path, flags);
if (launcher->fd == -1) {
fd = open(path, flags | O_CLOEXEC);
fd = open(path, flags);
if (fd == -1)
return -1;

@ -186,8 +186,8 @@ weston_logind_open(struct weston_logind *wl, const char *path,
* directly. Instead, logind passes us an fd with sane default modes.
* For DRM and evdev this means O_RDWR | O_CLOEXEC. If we want
* something else, we need to change it afterwards. We currently
* only support dropping FD_CLOEXEC and setting O_NONBLOCK. Changing
* access-modes is not possible so accept whatever logind passes us. */
* only support setting O_NONBLOCK. Changing access-modes is not
* possible so accept whatever logind passes us. */
fl = fcntl(fd, F_GETFL);
if (fl < 0) {
@ -203,22 +203,6 @@ weston_logind_open(struct weston_logind *wl, const char *path,
r = -errno;
goto err_close;
}
fl = fcntl(fd, F_GETFD);
if (fl < 0) {
r = -errno;
goto err_close;
}
if (!(flags & O_CLOEXEC))
fl &= ~FD_CLOEXEC;
r = fcntl(fd, F_SETFD, fl);
if (r < 0) {
r = -errno;
goto err_close;
}
return fd;
err_close:

Loading…
Cancel
Save