set O_CLOEXEC on TTY slave/master file descriptors

Don't leak them to the notification process.

diff --git a/src/wall-notify.c b/src/wall-notify.c
index e7106be07ca58a8cb731d3f7bcdce839bde76b63..57ec37f00a60cef695e28b536055551716c4f391 100644 (file)
--- a/src/wall-notify.c
+++ b/src/wall-notify.c
@@ -67,6 +67,17 @@ static void setup_signals(void) {
     sigaction(SIGUSR2, &action, NULL);
 }
 
     sigaction(SIGUSR2, &action, NULL);
 }
 

+static int set_cloexec(int fd) {
+    int flags = fcntl(fd, F_GETFD);
+    if (flags == -1) {
+        return 0;
+    }
+    if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) == -1) {
+        return 0;
+    }
+    return 1;
+}
+

 static int open_tty(int public) {
     int ptm;
     const char *name;
 static int open_tty(int public) {
     int ptm;
     const char *name;


@@ -78,6 +89,9 @@ static int open_tty(int public) {
     if (grantpt(ptm) != 0) {
         return -1;
     }
     if (grantpt(ptm) != 0) {
         return -1;
     }

+    if (!set_cloexec(ptm)) {
+        return -1;
+    }

 
     /* Prevent write access for other users so they can't use wall to send
      * messages to this program. */
 
     /* Prevent write access for other users so they can't use wall to send
      * messages to this program. */


@@ -442,7 +456,7 @@ int main(int argc, char **argv) {
 
     /* We need to open the slave or reading from the master yields EOF after
      * the first wall write to it. */
 
     /* We need to open the slave or reading from the master yields EOF after
      * the first wall write to it. */

-    pts = open(name, O_RDWR);
+    pts = open(name, O_RDWR | O_CLOEXEC);

     if (pts < 0) {
         perror(name);
         exit(EXIT_FAILURE);
     if (pts < 0) {
         perror(name);
         exit(EXIT_FAILURE);