Do not close error pipe or debug fd via closefrom() as we need them

to report an exec error should one occur.
Todd C. Miller
2011-11-29 19:51:24 -05:00
parent 3b2998d554
commit a64f1eaea8
4 changed files with 43 additions and 9 deletions


@@ -136,8 +136,15 @@ static int fork_cmnd(struct command_details *details, int sv[2])
/* headed for execve() */
sudo_debug_execve(SUDO_DEBUG_INFO, details->command,
details->argv, details->envp);
if (details->closefrom >= 0)
closefrom(details->closefrom);
if (details->closefrom >= 0) {
int maxfd = details->closefrom;
dup2(sv[1], maxfd);
(void)fcntl(maxfd, F_SETFD, FD_CLOEXEC);
sv[1] = maxfd++;
if (sudo_debug_fd_set(maxfd) != -1)
maxfd++;
closefrom(maxfd);
}
#ifdef HAVE_SELINUX
if (ISSET(details->flags, CD_RBAC_ENABLED))
selinux_execve(details->command, details->argv, details->envp);
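Review bot: The return value of `dup2(sv[1], maxfd)` in the new closefrom branch is not checked, yet `sv[1]` is reassigned to `maxfd` regardless. If the dup fails (for example when `details->closefrom` is above the process's descriptor limit), `sv[1]` no longer names the error pipe, the original pipe end is closed by `closefrom()` whenever it sits at or above the new lower bound, and an exec failure can then no longer be reported to the parent. The `(void)fcntl(...)` discard has a related effect: if FD_CLOEXEC cannot be set, the pipe end stays open in the executed command. I would guard both, e.g. `if (dup2(sv[1], maxfd) == -1 || fcntl(maxfd, F_SETFD, FD_CLOEXEC) == -1)`, and report the error over the original `sv[1]` before it is replaced. fork_cmnd's failure path lies outside this hunk, so the exact handling has to follow what the rest of the function does.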