diff options
author | Ondrej Mosnacek <omosnace@redhat.com> | 2021-02-17 22:30:23 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-02-17 23:57:31 +0100 |
commit | 46eb78ff358724f5addf14e45f2cfc31542ede3c (patch) | |
tree | 2e8cc777f4a7564e8167e0343c2d19b347b49185 /THANKS | |
parent | 7d00e58157bc61168a057cde91a6e5b54dca573b (diff) |
libebtc: Open the lockfile with O_CLOEXEC
Otherwise the fd will leak to subprocesses (e.g. modprobe). That's
mostly benign, but it may trigger an SELinux denial when the modprobe
process transitions to another domain.
Fixes: 8b5594d7c21f ("add logic to support the --concurrent option: use a file lock to support concurrent scripts running ebtables")
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'THANKS')
0 files changed, 0 insertions, 0 deletions