diff options
author | Fabricio Voznika <fvoznika@google.com> | 2018-06-11 16:44:56 -0700 |
---|---|---|
committer | Shentubot <shentubot@google.com> | 2018-06-11 16:45:50 -0700 |
commit | ea4a468fbaacd55597ce89e3eabd2bb42746427b (patch) | |
tree | c64597a674bab1ad962c1abe8f456fc1e73a63b0 /pkg/sentry/socket/epsocket/epsocket.go | |
parent | ab2c2575d61266725ce13dff570663464a171342 (diff) |
Set CLOEXEC option to sockets
hostinet/socket.go: the Sentry doesn't spawn new processes, but it doesn't hurt to protect the socket from leaking.
unet/unet.go: should be setting closing on exec. The FD is explicitly donated to children when needed.
PiperOrigin-RevId: 200135682
Change-Id: Ia8a45ced1e00a19420c8611b12e7a8ee770f89cb
Diffstat (limited to 'pkg/sentry/socket/epsocket/epsocket.go')
0 files changed, 0 insertions, 0 deletions