c76d6f02d4
Sun Jan 25 2004 Dan Walsh <dwalsh@redhat.com> 1.2.9-1.2 - Close File descriptors to prevent SELinux error message Wed Jan 07 2004 Thomas Woerner <twoerner@redhat.com> 1.2.9-1.1 - rebuild
43 lines
1.0 KiB
Diff
43 lines
1.0 KiB
Diff
--- iptables-1.2.9/ip6tables.c.selinux 2004-01-25 13:39:58.652465653 -0500
|
|
+++ iptables-1.2.9/ip6tables.c 2004-01-25 13:52:50.291335019 -0500
|
|
@@ -1587,6 +1587,7 @@
|
|
{
|
|
char *buf = NULL;
|
|
char *argv[3];
|
|
+ int i=0;
|
|
|
|
/* If they don't explicitly set it, read out of kernel */
|
|
if (!modprobe) {
|
|
@@ -1598,6 +1599,10 @@
|
|
|
|
switch (fork()) {
|
|
case 0:
|
|
+ /* close open file descriptors */
|
|
+ for (i=0; i< 10; i++) {
|
|
+ close(i);
|
|
+ }
|
|
argv[0] = (char *)modprobe;
|
|
argv[1] = (char *)modname;
|
|
argv[2] = NULL;
|
|
--- iptables-1.2.9/iptables.c.selinux 2004-01-25 13:39:58.702460379 -0500
|
|
+++ iptables-1.2.9/iptables.c 2004-01-25 13:52:55.940802957 -0500
|
|
@@ -1583,6 +1583,7 @@
|
|
{
|
|
char *buf = NULL;
|
|
char *argv[3];
|
|
+ int i=0;
|
|
|
|
/* If they don't explicitly set it, read out of kernel */
|
|
if (!modprobe) {
|
|
@@ -1594,6 +1595,10 @@
|
|
|
|
switch (fork()) {
|
|
case 0:
|
|
+ /* close open file descriptors */
|
|
+ for (i=0; i< 10; i++) {
|
|
+ close(i);
|
|
+ }
|
|
argv[0] = (char *)modprobe;
|
|
argv[1] = (char *)modname;
|
|
argv[2] = NULL;
|