set close on exec on a couple of FDs. from Charles Blundell PR security/16663

perry 2003-04-04 01:24:09 +00:00
parent 015903956e
commit eca50de83f
2 changed files with 13 additions and 5 deletions


@ -1,4 +1,4 @@
/* $NetBSD: crontab.c,v 1.16 2002/11/16 04:34:13 itojun Exp $ */
/* $NetBSD: crontab.c,v 1.17 2003/04/04 01:24:09 perry Exp $ */
/* Copyright 1988,1990,1993,1994 by Paul Vixie
* All rights reserved
@ -22,7 +22,7 @@
#if 0
static char rcsid[] = "Id: crontab.c,v 2.13 1994/01/17 03:20:37 vixie Exp";
#else
__RCSID("$NetBSD: crontab.c,v 1.16 2002/11/16 04:34:13 itojun Exp $");
__RCSID("$NetBSD: crontab.c,v 1.17 2003/04/04 01:24:09 perry Exp $");
#endif
#endif
@ -347,6 +347,10 @@ edit_cmd() {
perror("fchown");
goto fatal;
}
if (fcntl(t, F_SETFD, FD_CLOEXEC) == -1) {
perror("fcntl");
goto fatal;
}
if (!(NewCrontab = fdopen(t, "r+"))) {
perror("fdopen");
goto fatal;
@ -567,7 +571,7 @@ replace_cmd() {
fprintf(tmp, "# DO NOT EDIT THIS FILE - edit the master and reinstall.\n");
fprintf(tmp, "# (%s installed on %-24.24s)\n", Filename, ctime(&now));
fprintf(tmp, "# (Cron version -- %s)\n",
"$NetBSD: crontab.c,v 1.16 2002/11/16 04:34:13 itojun Exp $");
"$NetBSD: crontab.c,v 1.17 2003/04/04 01:24:09 perry Exp $");
/* copy the crontab to the tmp
*/
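Review bot: The new `fcntl(t, F_SETFD, FD_CLOEXEC)` check in edit_cmd() has no comment saying why the temp-file descriptor must be close-on-exec, and the reason is not visible in the hunk. Presumably the editor is spawned later in edit_cmd(), which continues outside this hunk, and should not inherit `t`; a one-line comment above the call would record that, e.g. `/* don't leak the temp file descriptor to the editor we exec later */`. Setting the flag before `fdopen()` and treating failure as fatal via `goto fatal` matches the neighbouring fchown handling. Whether other descriptors are still open when the child is executed cannot be judged from these lines and is worth confirming.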


@ -1,4 +1,4 @@
/* $NetBSD: misc.c,v 1.8 1998/07/28 19:27:39 mycroft Exp $ */
/* $NetBSD: misc.c,v 1.9 2003/04/04 01:24:09 perry Exp $ */
/* Copyright 1988,1990,1993,1994 by Paul Vixie
* All rights reserved
@ -22,7 +22,7 @@
#if 0
static char rcsid[] = "Id: misc.c,v 2.9 1994/01/15 20:43:43 vixie Exp";
#else
__RCSID("$NetBSD: misc.c,v 1.8 1998/07/28 19:27:39 mycroft Exp $");
__RCSID("$NetBSD: misc.c,v 1.9 2003/04/04 01:24:09 perry Exp $");
#endif
#endif
@ -446,6 +446,10 @@ allowed(username)
allow = fopen(ALLOW_FILE, "r");
deny = fopen(DENY_FILE, "r");
Debug(DMISC, ("allow/deny enabled, %d/%d\n", !!allow, !!deny))
if (allow)
(void)fcntl(fileno(allow), F_SETFD, FD_CLOEXEC);
if (deny)
(void)fcntl(fileno(deny), F_SETFD, FD_CLOEXEC);
#else
allow = NULL;
deny = NULL;
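Review bot: Both `fcntl()` calls added in allowed() discard their result with `(void)`, so a failure to set FD_CLOEXEC on the allow or deny file goes unreported and the descriptor would remain inheritable by any program executed afterwards. The crontab.c part of the same commit treats the equivalent failure as fatal, and this path should at least report it, e.g. `if (allow && fcntl(fileno(allow), F_SETFD, FD_CLOEXEC) == -1) perror("fcntl");` (or the file's usual logging routine), and the same for `deny`. If stronger handling is chosen it should fail closed: dropping the handle and treating the file as absent could change the access decision allowed() makes. The rest of allowed(), including how long the two streams stay open, is outside the hunk.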