https://bugzilla.novell.com/show_bug.cgi?id=683744 https://bugzilla.novell.com/show_bug.cgi?id=683744#c0 Summary: Fortify rules seems to be ignored O_CLOEXEC for open(2) system call Classification: openSUSE Product: openSUSE 11.4 Version: Final Platform: i686 OS/Version: openSUSE 11.4 Status: NEW Severity: Major Priority: P5 - None Component: Basesystem AssignedTo: pbaudis@novell.com ReportedBy: werner@novell.com QAContact: qa@suse.de CC: coolo@novell.com, ro@novell.com Found By: Development Blocker: --- My blog routines do the following static int bootlog_init(const int lvl __attribute__((__unused__))) { int ret = -1; struct stat st; if (stat(fifo_name, &st)) goto out; if (!S_ISFIFO(st.st_mode)) goto out; if ((fdfifo = open(fifo_name, O_WRONLY|O_NONBLOCK|O_NOCTTY|O_CLOEXEC)) < 0) goto out; ret = 0; out: return ret; } int bootlog(const int lvl, const char *fmt, ...) { va_list ap; int ret = -1; char * head = ESNN; char buf[4096]; if (fdfifo < 0 && bootlog_init(lvl) < 0) goto out; [...] this is used in startpar(8) at boot and I found in the strace of startpar at boot: stat64("/dev/blog", {st_mode=S_IFIFO|0600, st_size=0, ...}) = 0 open("/dev/blog", O_WRONLY|O_NONBLOCK|O_LARGEFILE) = 5 which is (IMHO) not what I've specified, isn't it? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.