mirror of
https://github.com/hyprwm/Hyprland
synced 2024-11-23 01:05:59 +01:00
Avoid passing control unix socket descriptors to children (#2656)
Add SOCK_CLOEXEC flags to server side connection FDs to make them closed during execve(2).
This commit is contained in:
parent
8407a9af0a
commit
0c974b7236
2 changed files with 4 additions and 4 deletions
|
@ -1305,7 +1305,7 @@ int hyprCtlFDTick(int fd, uint32_t mask, void* data) {
|
|||
sockaddr_in clientAddress;
|
||||
socklen_t clientSize = sizeof(clientAddress);
|
||||
|
||||
const auto ACCEPTEDCONNECTION = accept(HyprCtl::iSocketFD, (sockaddr*)&clientAddress, &clientSize);
|
||||
const auto ACCEPTEDCONNECTION = accept4(HyprCtl::iSocketFD, (sockaddr*)&clientAddress, &clientSize, SOCK_CLOEXEC);
|
||||
|
||||
char readBuffer[1024];
|
||||
|
||||
|
@ -1336,7 +1336,7 @@ int hyprCtlFDTick(int fd, uint32_t mask, void* data) {
|
|||
|
||||
void HyprCtl::startHyprCtlSocket() {
|
||||
|
||||
iSocketFD = socket(AF_UNIX, SOCK_STREAM, 0);
|
||||
iSocketFD = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
|
||||
|
||||
if (iSocketFD < 0) {
|
||||
Debug::log(ERR, "Couldn't start the Hyprland Socket. (1) IPC will not work.");
|
||||
|
|
|
@ -60,7 +60,7 @@ int fdHandleWrite(int fd, uint32_t mask, void* data) {
|
|||
|
||||
void CEventManager::startThread() {
|
||||
m_tThread = std::thread([&]() {
|
||||
const auto SOCKET = socket(AF_UNIX, SOCK_STREAM, 0);
|
||||
const auto SOCKET = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
|
||||
|
||||
if (SOCKET < 0) {
|
||||
Debug::log(ERR, "Couldn't start the Hyprland Socket 2. (1) IPC will not work.");
|
||||
|
@ -82,7 +82,7 @@ void CEventManager::startThread() {
|
|||
Debug::log(LOG, "Hypr socket 2 started at %s", socketPath.c_str());
|
||||
|
||||
while (1) {
|
||||
const auto ACCEPTEDCONNECTION = accept(SOCKET, (sockaddr*)&clientAddress, &clientSize);
|
||||
const auto ACCEPTEDCONNECTION = accept4(SOCKET, (sockaddr*)&clientAddress, &clientSize, SOCK_CLOEXEC);
|
||||
|
||||
if (ACCEPTEDCONNECTION > 0) {
|
||||
// new connection!
|
||||
|
|
Loading…
Reference in a new issue