diff options
author | smitsohu <smitsohu@gmail.com> | 2021-05-16 15:48:14 +0200 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2021-05-16 15:48:14 +0200 |
commit | 825ac9cdc38c4285584e69d6f29102b149914dfe (patch) | |
tree | fd65f17f166a535f9a619c044022a3b933cc5f0c /src/firejail/pulseaudio.c | |
parent | Update disable-common.inc (diff) | |
download | firejail-825ac9cdc38c4285584e69d6f29102b149914dfe.tar.gz firejail-825ac9cdc38c4285584e69d6f29102b149914dfe.tar.zst firejail-825ac9cdc38c4285584e69d6f29102b149914dfe.zip |
open files O_CLOEXEC|O_EXCL
Dumb patch that adds O_CLOEXEC to all open/fopen
calls, even where it is obviously pointless.
While at it, also add O_EXCL where it might be
considered useful, for example to clear Coverity
warnings, or on files that subsequently are used
to configure a join sandbox.
Pure defense in depth, this patch should have no
observable effects.
Diffstat (limited to 'src/firejail/pulseaudio.c')
-rw-r--r-- | src/firejail/pulseaudio.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/firejail/pulseaudio.c b/src/firejail/pulseaudio.c index 4b9203c36..97c022bad 100644 --- a/src/firejail/pulseaudio.c +++ b/src/firejail/pulseaudio.c | |||
@@ -106,7 +106,7 @@ void pulseaudio_init(void) { | |||
106 | errExit("asprintf"); | 106 | errExit("asprintf"); |
107 | if (copy_file(PULSE_CLIENT_SYSCONF, pulsecfg, -1, -1, 0644)) // root needed | 107 | if (copy_file(PULSE_CLIENT_SYSCONF, pulsecfg, -1, -1, 0644)) // root needed |
108 | errExit("copy_file"); | 108 | errExit("copy_file"); |
109 | FILE *fp = fopen(pulsecfg, "a"); | 109 | FILE *fp = fopen(pulsecfg, "ae"); |
110 | if (!fp) | 110 | if (!fp) |
111 | errExit("fopen"); | 111 | errExit("fopen"); |
112 | fprintf(fp, "%s", "\nenable-shm = no\n"); | 112 | fprintf(fp, "%s", "\nenable-shm = no\n"); |