From b03b49110eada5a516507346c9006dae9111570b Mon Sep 17 00:00:00 2001 From: Scott Mcdermott Date: Mon, 19 Aug 2024 05:12:39 -0700 Subject: [PATCH] listen_for_commands: stop leaking the control socket to forked procs All the "exec"d processes would get a copy of the control socket descriptor, because of the default UNIX semantics of fd inherit across execv(). This was easily seen on my system where an 'lsof' revealed that all my terminals and shells had a copy. To fix this we add the SOCK_CLOEXEC flag whilst opening the listener socket(), avoiding this problem. The "bar" descriptor already handles this by setting O_CLOEXEC in its FIFO open() call. --- communications.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/communications.c b/communications.c index 0c3358e..b4a8ca8 100644 --- a/communications.c +++ b/communications.c @@ -52,7 +52,7 @@ listen_for_commands(void) struct sockaddr_un sun; if ((rp_glob_screen.control_socket_fd = socket(AF_UNIX, - SOCK_STREAM | SOCK_NONBLOCK, 0)) == -1) + SOCK_STREAM | SOCK_NONBLOCK | SOCK_CLOEXEC, 0)) == -1) err(1, "socket"); if (strlen(rp_glob_screen.control_socket_path) >= sizeof(sun.sun_path))