From f062b305b5ea2c77bb8286f8982f08e4c5b133ae Mon Sep 17 00:00:00 2001
From: Michal Sojka <sojkam1@fel.cvut.cz>
Date: Thu, 6 Jul 2017 22:25:16 +0200
Subject: [PATCH] procd: Do not leak pipe file descriptors to children

Without this change, a process started by procd can have access to
stdout/err of processes started by procd before.

Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
---
 rcS.c              | 1 +
 service/instance.c | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/rcS.c b/rcS.c
index 4ecf0c1..b1202bf 100644
--- a/rcS.c
+++ b/rcS.c
@@ -82,6 +82,7 @@ static void q_initd_run(struct runqueue *q, struct runqueue_task *t)
 
 	if (pid) {
 		close(pipefd[1]);
+		fcntl(pipefd[0], F_SETFD, FD_CLOEXEC);
 		s->fd.stream.string_data = true,
 		s->fd.stream.notify_read = pipe_cb,
 		runqueue_process_add(q, &s->proc, pid);
diff --git a/service/instance.c b/service/instance.c
index e5c4830..bb766ea 100644
--- a/service/instance.c
+++ b/service/instance.c
@@ -444,11 +444,13 @@ instance_start(struct service_instance *in)
 	if (opipe[0] > -1) {
 		ustream_fd_init(&in->_stdout, opipe[0]);
 		closefd(opipe[1]);
+		fcntl(opipe[0], F_SETFD, FD_CLOEXEC);
 	}
 
 	if (epipe[0] > -1) {
 		ustream_fd_init(&in->_stderr, epipe[0]);
 		closefd(epipe[1]);
+		fcntl(epipe[0], F_SETFD, FD_CLOEXEC);
 	}
 
 	service_event("instance.start", in->srv->name, in->name);
-- 
2.11.0