Summary: | opens files without CLOEXEC | ||
---|---|---|---|
Product: | poppler | Reporter: | Christian Persch (GNOME) <chpe> |
Component: | general | Assignee: | poppler-bugs <poppler-bugs> |
Status: | RESOLVED MOVED | QA Contact: | |
Severity: | normal | ||
Priority: | medium | ||
Version: | unspecified | ||
Hardware: | Other | ||
OS: | All | ||
Whiteboard: | |||
i915 platform: | i915 features: | ||
Attachments: | patch |
Description
Christian Persch (GNOME)
2018-08-16 20:22:06 UTC
Please explain the rationale for this patch When a file isn't opened with O_CLOEXEC, and the process using the poppler library fork()+exec()es, the open file descriptor will leak from it to the spawned process, giving the new process access to a file it should not have access to. -- GitLab Migration Automatic Message -- This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity. You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/poppler/poppler/issues/170. |
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.