[prev in list] [next in list] [prev in thread] [next in thread]
List: smartmontools-support
Subject: Re: [smartmontools-support] [PATCH] Set FD_CLOEXEC on the device
From: Bruce Allen <ballen () gravity ! phys ! uwm ! edu>
Date: 2008-03-17 14:18:47
Message-ID: Pine.LNX.4.63.0803170813350.28418 () homer ! phys ! uwm ! edu
[Download RAW message or body]
Hi Tomá,
I'm getting ready to apply this patch, thank you. This is probably
applicable to other OSes as well. By the way, I assume that the 'close on
exec' does not restrict the 'duplication' of the fd that happens during
fork, when smartd forks itself twice to detach from controlling terminals,
stdin/out, etc.
Would it be possible for me to add you to the list of smartmontools
developers? Then you could check code changes like this directly into
CVS. The smartmontools developers already include maintainers from
Debian, Suse, and Mandrake (and perhaps others that I have forgotten).
Since Redhat/FC are very widely used, it makes sense for you to have the
ability to move fixes upstream.
Cheers,
Bruce
On Mon, 17 Mar 2008, Tomá Smetana wrote:
> Hello,
> I'm attaching a patch that sets FD_CLOEXEC on the opened device file
> descriptor. The descriptor is otherwise leaked to other applications
> (mail sender) which may be considered a security risk and may result in
> AVC messages on SELinux-enabled systems.
>
>
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Smartmontools-support mailing list
Smartmontools-support@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/smartmontools-support
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic