prevent tty fd to be inherited in the container

Set the close on exec flag on the pty fd so they are automatically closed when execing the container. Signed-off-by: Môshe van der Sterre <me@moshe.nl> Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>

prevent tty fd to be inherited in the container
b035ad62 · Môshe van der Sterre · Daniel Lezcano · 8de09ef5 · b035ad62
Commit b035ad62 authored Apr 20, 2009 by Môshe van der Sterre Committed by Daniel Lezcano Apr 20, 2009
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 0 deletions

conf.c src/lxc/conf.c +4 -0

No files found.
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -1738,6 +1738,10 @@ int lxc_create_tty(const char *name, struct lxc_tty_info *tty_info)
 			goto out_free;
 		}

+                /* Prevent leaking the file descriptors to the container */
+		fcntl(pty_info->master, F_SETFD, FD_CLOEXEC);
+		fcntl(pty_info->slave, F_SETFD, FD_CLOEXEC);
+
 		pty_info->busy = 0;
 	}