* iptables leaks a file descriptor before fork/exec
@ 2007-11-02 18:14 Tim Fenn
2007-11-06 0:31 ` Patrick McHardy
0 siblings, 1 reply; 2+ messages in thread
From: Tim Fenn @ 2007-11-02 18:14 UTC (permalink / raw)
To: netfilter-devel
As per a discussion I had on the fedora-selinux list
(https://www.redhat.com/archives/fedora-selinux-list/2007-October/msg00033.html),
Dan Walsh suggested filing a bug report in regards to a FD leak noticed
when tracking iptables with selinux - it appears a few
fcntl(fd, F_SETFD, FD_CLOEXEC)
calls are missing before fork/exec. See here for the details:
https://bugzilla.redhat.com/show_bug.cgi?id=364331
-Tim
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: iptables leaks a file descriptor before fork/exec
2007-11-02 18:14 iptables leaks a file descriptor before fork/exec Tim Fenn
@ 2007-11-06 0:31 ` Patrick McHardy
0 siblings, 0 replies; 2+ messages in thread
From: Patrick McHardy @ 2007-11-06 0:31 UTC (permalink / raw)
To: Tim Fenn; +Cc: netfilter-devel
Tim Fenn wrote:
> As per a discussion I had on the fedora-selinux list
> (https://www.redhat.com/archives/fedora-selinux-list/2007-October/msg00033.html),
> Dan Walsh suggested filing a bug report in regards to a FD leak noticed
> when tracking iptables with selinux - it appears a few
>
> fcntl(fd, F_SETFD, FD_CLOEXEC)
>
> calls are missing before fork/exec. See here for the details:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=364331
I can't test this myself since I don't run selinux, could you
send a patch for this?
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2007-11-06 0:31 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-11-02 18:14 iptables leaks a file descriptor before fork/exec Tim Fenn
2007-11-06 0:31 ` Patrick McHardy
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).