From 306e7277f77ba6b20b7c7c19c7a0c23d2e547343 Mon Sep 17 00:00:00 2001 From: Scott Mcdermott Date: Mon, 19 Aug 2024 05:12:39 -0700 Subject: [PATCH] listen_for_commands: stop leaking the control socket to forked procs All the "exec"d processes would get a copy of the control socket descriptor, because of the default UNIX semantics of fd inherit across execv(). This was easily seen on my system where an 'lsof' revealed that all my terminals and shells had a copy. To fix this we add the SOCK_CLOEXEC flag whilst opening the listener socket(), avoiding this problem. The "bar" descriptor already handles this by setting O_CLOEXEC in its FIFO open() call. --- communications.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/communications.c b/communications.c index e13b116..3333601 100644 --- a/communications.c +++ b/communications.c @@ -52,7 +52,7 @@ listen_for_commands(void) struct sockaddr_un sun; if ((rp_glob_screen.control_socket_fd = socket(AF_UNIX, - SOCK_STREAM | SOCK_NONBLOCK, 0)) == -1) + SOCK_STREAM | SOCK_NONBLOCK | SOCK_CLOEXEC, 0)) == -1) err(1, "socket"); if (strlen(rp_glob_screen.control_socket_path) >= sizeof(sun.sun_path))