netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* iptables leaks a file descriptor before fork/exec
@ 2007-11-02 18:14 Tim Fenn
  2007-11-06  0:31 ` Patrick McHardy
  0 siblings, 1 reply; 2+ messages in thread
From: Tim Fenn @ 2007-11-02 18:14 UTC (permalink / raw)
  To: netfilter-devel

As per a discussion I had on the fedora-selinux list
(https://www.redhat.com/archives/fedora-selinux-list/2007-October/msg00033.html),
Dan Walsh suggested filing a bug report in regards to a FD leak noticed
when tracking iptables with selinux - it appears a few

fcntl(fd, F_SETFD, FD_CLOEXEC)

calls are missing before fork/exec.  See here for the details:

https://bugzilla.redhat.com/show_bug.cgi?id=364331

-Tim

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2007-11-06  0:31 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-11-02 18:14 iptables leaks a file descriptor before fork/exec Tim Fenn
2007-11-06  0:31 ` Patrick McHardy

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).