Set close-on-exec for the socket

git-core · git-core · commit 53f224132351 · 2012-07-23T17:19:51.000+04:00
An attacker could access the communication channel between su and Superuser
otherwise.
diff --git a/su.c b/su.c
@@ -169,6 +169,10 @@ static int socket_create_temp(char *path, size_t len)
         PLOGE("socket");
         return -1;
     }
+    if (fcntl(fd, F_SETFD, FD_CLOEXEC)) {
+        PLOGE("fcntl FD_CLOEXEC");
+        goto err;
+    }
 
     memset(&sun, 0, sizeof(sun));
     sun.sun_family = AF_LOCAL;
