source:
trunk/server/common/patches/httpd-suexec-cloexec.patch
@
2581
Last change on this file since 2581 was 1356, checked in by andersk, 15 years ago | |
---|---|
File size: 1.7 KB |
-
support/suexec.c
From: Stefan Fritsch <sf@apache.org> Date: Sat, 3 Oct 2009 13:46:48 +0000 Subject: suexec: Allow to log an error if exec fails by setting FD_CLOEXEC on the log file instead of closing it. PR: 10744 Submitted by: Nicolas Rachinsky Reviewed by: Stefan Fritsch Origin: upstream, http://svn.apache.org/viewvc?rev=821321&view=rev Bug: https://issues.apache.org/bugzilla/show_bug.cgi?id=10744 --- support/suexec.c | 18 +++++++++--------- 1 files changed, 9 insertions(+), 9 deletions(-) diff --git a/support/suexec.c b/support/suexec.c index cb4e85f..85e1318 100644
a b 49 49 #include <stdio.h> 50 50 #include <stdarg.h> 51 51 #include <stdlib.h> 52 #include <fcntl.h> 52 53 #include <selinux/selinux.h> 53 54 54 55 #ifdef HAVE_PWD_H … … TRUSTED_DIRECTORY: 714 715 #endif /* AP_SUEXEC_UMASK */ 715 716 716 717 /* 717 * Be sure to close the log file so the CGI can't 718 * mess with it. If the exec fails, it will be reopened 719 * automatically when log_err is called. Note that the log 720 * might not actually be open if AP_LOG_EXEC isn't defined. 721 * However, the "log" cell isn't ifdef'd so let's be defensive 722 * and assume someone might have done something with it 723 * outside an ifdef'd AP_LOG_EXEC block. 718 * ask fcntl(2) to set the FD_CLOEXEC flag on the log file, 719 * so it'll be automagically closed if the exec() call succeeds. 724 720 */ 725 721 if (log != NULL) { 726 fclose(log); 727 log = NULL; 722 fflush(log); 723 setbuf(log,NULL); 724 if ((fcntl(fileno(log), F_SETFD, FD_CLOEXEC) == -1)) { 725 log_err("error: can't set close-on-exec flag"); 726 exit(122); 727 } 728 728 } 729 729 730 730 /*
Note: See TracBrowser
for help on using the repository browser.