CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2014/11/22 17:14:22
Modified files:
lib/libc/gen : fts.c
Log message:
Merge from FreeBSD:
------------------------------------------------------------------------
r246641 | jilles | 2013-02-10 15:09:15 -0800 (Sun, 10 Feb 2013) | 8 lines
fts: Use O_DIRECTORY when opening name that might be changed by attacker.
There are uncommon cases where fts_safe_changedir() may be called with a
non-NULL name that is not "..". Do not block or worse if an attacker put (a
(symlink to) a fifo or device where a directory used to be.
MFC after: 1 week
------------------------------------------------------------------------
r241010 | jilles | 2012-09-27 15:05:54 -0700 (Thu, 27 Sep 2012) | 9 lines
libc/fts: Use O_CLOEXEC for internal file descriptors.
Because fts keeps internal file descriptors open across calls, making such
descriptors close-on-exec helps not only multi-threaded applications but
also single-threaded applications.
In particular, this prevents passing a temporary file descriptor for saving
the current directory to processes created via find -exec.
------------------------------------------------------------------------
ports scan for possible O_CLOEXEC affected programs by sthen@
ok millert@
