-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This patch looks good to me. acked. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlD+qIwACgkQrlYvE4MpobMy1QCffAkqcUO/gJdMxxMzm7HxcBWq 49sAoLkREjdK2Kxstqf4zjZyOEEOw1oQ =2Seb -----END PGP SIGNATURE-----
>From 185c9e4532c78e03839127a65f539498a9935033 Mon Sep 17 00:00:00 2001 From: Eric Paris <eparis@xxxxxxxxxx> Date: Wed, 12 Dec 2012 10:22:38 -0500 Subject: [PATCH 67/84] libselinux: selinux_status_open: do not leak statusfd on exec Signed-off-by: Eric Paris <eparis@xxxxxxxxxx> --- libselinux/src/sestatus.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libselinux/src/sestatus.c b/libselinux/src/sestatus.c index 3a4e658..ed29dc5 100644 --- a/libselinux/src/sestatus.c +++ b/libselinux/src/sestatus.c @@ -268,7 +268,7 @@ int selinux_status_open(int fallback) return -1; snprintf(path, sizeof(path), "%s/status", selinux_mnt); - fd = open(path, O_RDONLY); + fd = open(path, O_RDONLY | O_CLOEXEC); if (fd < 0) goto error; -- 1.8.1
