aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2017-02-19 13:23:51 +0100
committerGuilhem Moulin <guilhem@fripost.org>2017-02-19 13:23:51 +0100
commitbbbd329e9a1274d0a7bfb7b741894f5417b43538 (patch)
treeb7b772754188a2839c85bfbc85babfe185ee0136
parentfc117d6513dfa1e6287927a9b95ac0558eaea951 (diff)
Ensure lacme's config file descriptor has the FD_CLOEXEC bit set.
-rw-r--r--Changelog2
-rwxr-xr-xlacme2
2 files changed, 4 insertions, 0 deletions
diff --git a/Changelog b/Changelog
index 0336e5b..d9aacd0 100644
--- a/Changelog
+++ b/Changelog
@@ -2,6 +2,8 @@ lacme (0.3) upstream;
- When parsing config-cert files and directories (default "lacme-certs.conf
lacme-certs.conf.d"), import the default section of files read earlier.
+ - Ensure lacme's config file descriptor is not passed to the accountd
+ or webserver components.
-- Guilhem Moulin <guilhem@guilhem.org> Sun, 19 Feb 2017 13:08:41 +0100
diff --git a/lacme b/lacme
index 6c7f48d..8cbed17 100755
--- a/lacme
+++ b/lacme
@@ -68,6 +68,7 @@ $COMMAND = $COMMAND =~ /\A(new-reg|reg=\p{Print}*|new-cert|revoke-cert)\z/ ? $1
: usage(1, "Invalid command: $COMMAND"); # validate and untaint $COMMAND
@ARGV = map { /\A(\p{Print}*)\z/ ? $1 : die } @ARGV; # untaint @ARGV
+sub set_FD_CLOEXEC($$);
my $CONFFILENAME = $OPTS{config} // first { -f $_ }
( "./$NAME.conf"
, ($ENV{XDG_CONFIG_HOME} // "$ENV{HOME}/.config")."/lacme/$NAME.conf"
@@ -79,6 +80,7 @@ do {
open $CONFFILE, '<', $CONFFILENAME or die "Can't open $CONFFILENAME: $!\n";
my $conf = do { local $/ = undef; <$CONFFILE> };
# don't close $CONFFILE so we can pass it to the client
+ set_FD_CLOEXEC($CONFFILE, 1);
my $h = Config::Tiny::->read_string($conf) or die Config::Tiny::->errstr()."\n";
my $defaults = delete $h->{_} // {};