From: Tomáš S. <tsm...@re...> - 2008-03-17 08:44:36
|
Hello, I'm attaching a patch that sets FD_CLOEXEC on the opened device file descriptor. The descriptor is otherwise leaked to other applications (mail sender) which may be considered a security risk and may result in AVC messages on SELinux-enabled systems. -- Tomáš Smetana |