Close all non-stdio FDs in virt-login-shell (CVE-2013-4400)
authorDaniel P. Berrange <berrange@redhat.com>
Wed, 9 Oct 2013 14:14:34 +0000 (15:14 +0100)
committerDaniel P. Berrange <berrange@redhat.com>
Mon, 21 Oct 2013 13:20:35 +0000 (14:20 +0100)
commit9ab478edaddd00708adc9ff99d5a48e3accecfe5
tree146bf267053fcf5435b275ce148897ea2bb19c11
parentbd047ba666122fd57f6cb39ac5795449d5ff26d2
Close all non-stdio FDs in virt-login-shell (CVE-2013-4400)

We don't want to inherit any FDs in the new namespace
except for the stdio FDs. Explicitly close them all,
just in case some do not have the close-on-exec flag
set.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit b7fcc799ad5d8f3e55b89b94e599903e3c092467)
tools/virt-login-shell.c