diff options
author | Denys Vlasenko | 2016-08-20 15:58:34 +0200 |
---|---|---|
committer | Denys Vlasenko | 2016-08-20 15:58:34 +0200 |
commit | 7b25b1c5b2794a499c8ae99db75830a6d564561e (patch) | |
tree | c136ae68fd879d80277eebac0ef7686b749181df /shell/hush_test/hush-leak | |
parent | 869994cf4f9647fdfb519a1945f8582e71d3df3d (diff) | |
download | busybox-7b25b1c5b2794a499c8ae99db75830a6d564561e.zip busybox-7b25b1c5b2794a499c8ae99db75830a6d564561e.tar.gz |
hush: do not leak script fds into NOEXEC children
We set all opened script fds to CLOEXEC, thus making then go away
after fork+exec.
Unfortunately, CLOFORK does not exist. NOEXEC children will still see those fds open.
For one, "ls" applet is NOEXEC. Therefore running "ls -l /proc/self/fd"
in a script from standalone shell shows this:
lrwx------ 1 root root 64 Aug 20 15:17 0 -> /dev/pts/3
lrwx------ 1 root root 64 Aug 20 15:17 1 -> /dev/pts/3
lrwx------ 1 root root 64 Aug 20 15:17 2 -> /dev/pts/3
lr-x------ 1 root root 64 Aug 20 15:17 3 -> /path/to/top/level/script
lr-x------ 1 root root 64 Aug 20 15:17 4 -> /path/to/sourced/SCRIPT1
...
with as many open fds as there are ". SCRIPTn" nest levels.
Fix it by closing these fds after fork (only for NOEXEC children).
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'shell/hush_test/hush-leak')
0 files changed, 0 insertions, 0 deletions