#62 should set FD_CLOEXEC on fds on unix

High_Severity
closed-fixed
Tom Woodburn
Other (8)
5
2002-03-22
2002-03-21
Tom Woodburn
No

On UNIX, we should set FD_CLOEXEC on the file
descriptors for the CSP private key files and the MDS
database files. The reason is to prevent exec'ed
programs (which might run as a different user) from
accessing the files.

The fix touches the following files:

./cdsa/src/addins/intel/cssmdl/flatfile/ff_port.c
./cdsa/src/addins/intel/maf/CSM/keymgr/csm_keymgr_db.c

Discussion

  • Tom Woodburn
    Tom Woodburn
    2002-03-22

    • status: open --> closed-fixed