[v2,2/5] libtracefs: Close the filter file descriptor on exec()

Message ID 20210408133431.2023697-3-rostedt@goodmis.org (mailing list archive)
State Accepted
Commit 85b62be4da5dad138a8c8a57648473d8ebc55e0c
Series libtracefs: Update filtering functions

Commit Message

Steven Rostedt April 8, 2021, 1:34 p.m. UTC
From: "Steven Rostedt (VMware)" <rostedt@goodmis.org>

There's no reason to keep the function filter file descriptor open if the
application does an exec(). That can end up being a security issue. Best
to set O_CLOEXEC flag when opening such that if the application leaves the
file open and does an exec, it will be closed and the exec code does not
have write permission into that file.

If someone wants to have the file descriptor opened, then they need to
open code the access to the file themselves, and if they want to use the
API for such a use case, then they should submit a bugzilla with an
enhancement request.

Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
---
 src/tracefs-tools.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Patch

diff --git a/src/tracefs-tools.c b/src/tracefs-tools.c
index cb07b6f..92e3f72 100644
--- a/src/tracefs-tools.c
+++ b/src/tracefs-tools.c
@@ -853,7 +853,7 @@  int tracefs_function_filter(struct tracefs_instance *instance, const char *filte
 	open_flags = reset ? O_TRUNC : O_APPEND;
 
 	if (*fd < 0)
-		*fd = open(ftrace_filter_path, O_WRONLY | open_flags);
+		*fd = open(ftrace_filter_path, O_WRONLY | O_CLOEXEC | open_flags);
 	tracefs_put_tracing_file(ftrace_filter_path);
 	if (*fd < 0)
 		goto out_free;
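
Review bot: The `if (*fd < 0)` guard directly above the changed open() means O_CLOEXEC is only set when this call opens the file itself; if `*fd` can already hold a descriptor that was opened elsewhere without the flag, that descriptor is reused unchanged and would still be inherited across exec(). If that path is reachable, consider setting FD_CLOEXEC with fcntl() on the reused descriptor, or confirm that every place that populates `*fd` goes through this open(). The commit message also says callers who want the descriptor to stay open must open the file themselves; that is a visible behaviour change and is worth stating in the tracefs_function_filter() documentation as well, not only in the changelog.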