Set FD_CLOEXEC flag on all sockets.

[oweals/tinc.git] / src / linux / device.c

diff --git a/src/linux/device.c b/src/linux/device.c
index c06e7b93940b29812a7feb3a101e3e77e995dcf0..f50ff1123be023261f23ac52deed8063309f906f 100644 (file)
--- a/src/linux/device.c
+++ b/src/linux/device.c
@@ -1,7 +1,7 @@
 /*
     device.c -- Interaction with Linux ethertap and tun/tap device
     Copyright (C) 2001-2005 Ivo Timmermans,
-                  2001-2011 Guus Sliepen <guus@tinc-vpn.org>
+                  2001-2012 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -72,6 +72,10 @@ static bool setup_device(void) {
                return false;
        }
 
+#ifdef FD_CLOEXEC
+       fcntl(device_fd, F_SETFD, FD_CLOEXEC);
+#endif
+
 #ifdef HAVE_LINUX_IF_TUN_H
        /* Ok now check if this is an old ethertap or a new tun/tap thingie */