ujail: add O_CLOEXEC flag to open() call

if we forget to close() in the future,
this prevent fd leak

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>

diff --git a/jail/elf.c b/jail/elf.c
index b8f2cc549e8c33ce490d0a59bcef411e0263cd81..7c6076afb6a7f305695163ede2a796af73f9cd5e 100644 (file)
--- a/jail/elf.c
+++ b/jail/elf.c
@@ -81,7 +81,7 @@ int lib_open(char **fullpath, const char *file)
 
        list_for_each_entry(p, &library_paths, list) {
                snprintf(path, sizeof(path), "%s/%s", p->path, file);
-               fd = open(path, O_RDONLY);
+               fd = open(path, O_RDONLY|O_CLOEXEC);
                if (fd >= 0) {
                        *fullpath = strdup(path);
                        break;

diff --git a/jail/fs.c b/jail/fs.c
index 7b7b82002402ad90edb838a6b12368d42c35b55a..f390180699f3d91fb53e01d594144ef9404ff440 100644 (file)
--- a/jail/fs.c
+++ b/jail/fs.c
@@ -116,7 +116,7 @@ int add_path_and_deps(const char *path, int readonly, int error, int lib)
        if (path[0] == '/') {
                if (avl_find(&mounts, path))
                        return 0;
-               fd = open(path, O_RDONLY);
+               fd = open(path, O_RDONLY|O_CLOEXEC);
                if (fd == -1)
                        return error;
                add_mount(path, readonly, error);