VesperOS/shadow
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

lib/: Set O_CLOEXEC for static FILE handles

Browse Source 
With glibc we can use "e" in mode argument to set O_CLOEXEC on
opened files. The /etc/shadow and /etc/gshadow file handles should
be protected to make sure that they are never passed to child
processes by accident.

Reviewed-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
This commit is contained in:
Tobias Stoeckmann
2025-01-06 17:24:13 +01:00
committed by Alejandro Colomar
parent a772484f00
commit aebc4dd8c6
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/gshadow.c
View File

@@ -55,7 +55,7 @@ void setsgent (void)
if (NULL != shadow) {
rewind (shadow);
} else {
shadow = fopen (SGROUP_FILE, "r");
shadow = fopen (SGROUP_FILE, "re");
}
}

2
lib/shadow.c
View File

@@ -41,7 +41,7 @@ void setspent (void)
if (NULL != shadow) {
rewind (shadow);
}else {
shadow = fopen (SHADOW_FILE, "r");
shadow = fopen (SHADOW_FILE, "re");
}
}