git.samba.org / asn / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 92e801a)
source3/libsmb/unexpected.c set socket close on exec
authorGary Lockyer <gary@catalyst.net.nz>
Sun, 10 Dec 2017 20:54:34 +0000 (09:54 +1300)
committerAndrew Bartlett <abartlet@samba.org>
Mon, 18 Dec 2017 03:38:20 +0000 (04:38 +0100)
Set SOCKET_CLOEXEC on the sockets returned by accept.  This ensures that
the socket is unavailable to any child process created by system().
Making it harder for malicious code to set up a command channel,
as seen in the exploit for CVE-2015-0240

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source3/libsmb/unexpected.c patch | blob | history

diff --git a/source3/libsmb/unexpected.c b/source3/libsmb/unexpected.c
index c645fbce7e46eb246676b6ec2db552bf7cad4ff8..dd9ff7a22e10c0ad53c30c471d26621ddec3bc8c 100644 (file)
--- a/source3/libsmb/unexpected.c
+++ b/source3/libsmb/unexpected.c
@@ -157,6 +157,7 @@ static void nb_packet_server_listener(struct tevent_context *ev,
        if (sock == -1) {
                return;
        }
+       smb_set_close_on_exec(sock);
        DEBUG(6,("accepted socket %d\n", sock));
 
        client = talloc_zero(server, struct nb_packet_client);
guru meditation