From c31a7b1ab47807f01613a571cc480f79d5fb4181 Mon Sep 17 00:00:00 2001 From: Brad Fitzpatrick Date: Fri, 1 Jul 2022 21:28:52 -0700 Subject: conn, device, tun: set CLOEXEC on fds Signed-off-by: Brad Fitzpatrick Signed-off-by: Jason A. Donenfeld --- conn/bind_linux.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'conn') diff --git a/conn/bind_linux.go b/conn/bind_linux.go index f11f031..03e8707 100644 --- a/conn/bind_linux.go +++ b/conn/bind_linux.go @@ -331,7 +331,7 @@ func create4(port uint16) (int, uint16, error) { fd, err := unix.Socket( unix.AF_INET, - unix.SOCK_DGRAM, + unix.SOCK_DGRAM|unix.SOCK_CLOEXEC, 0, ) if err != nil { @@ -373,7 +373,7 @@ func create6(port uint16) (int, uint16, error) { fd, err := unix.Socket( unix.AF_INET6, - unix.SOCK_DGRAM, + unix.SOCK_DGRAM|unix.SOCK_CLOEXEC, 0, ) if err != nil { -- cgit v1.2.3