diff options
author | Lennart Poettering <lennart@poettering.net> | 2016-07-14 13:12:01 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2016-07-20 14:53:15 +0200 |
commit | 33df919d5c4de51b88244d2e82ffe5c9c8abe950 (patch) | |
tree | 147e6b1622df2eac668a2d9b2904c5cd5eac5420 /src/core/execute.c | |
parent | fe048ce56ab430a73e7118df87cb9f0f3488be26 (diff) |
execute: make sure JoinsNamespaceOf= doesn't leak ns fds to executed processes
Diffstat (limited to 'src/core/execute.c')
-rw-r--r-- | src/core/execute.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/core/execute.c b/src/core/execute.c index 40466ad53c..7c178b97c3 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -3062,7 +3062,7 @@ int exec_runtime_make(ExecRuntime **rt, ExecContext *c, const char *id) { return r; if (c->private_network && (*rt)->netns_storage_socket[0] < 0) { - if (socketpair(AF_UNIX, SOCK_DGRAM, 0, (*rt)->netns_storage_socket) < 0) + if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, (*rt)->netns_storage_socket) < 0) return -errno; } |