mirror of
https://gitlab.com/openconnect/ocserv.git
synced 2026-02-10 08:46:58 +08:00
erase cookie data before forking to unprivileged process.
This commit is contained in:
Nikos Mavrogiannopoulos
@@ -617,12 +617,14 @@ int main(int argc, char** argv)
|
||||
|
||||
pid = fork();
|
||||
if (pid == 0) { /* child */
|
||||
/* close any open descriptors before
|
||||
* running the server
|
||||
/* close any open descriptors, and erase
|
||||
* sensitive data before running the worker
|
||||
*/
|
||||
setproctitle(PACKAGE_NAME"-worker");
|
||||
close(cmd_fd[0]);
|
||||
clear_lists(&s);
|
||||
erase_cookies(&s);
|
||||
|
||||
setproctitle(PACKAGE_NAME"-worker");
|
||||
|
||||
ws.config = &config;
|
||||
ws.cmd_fd = cmd_fd[1];
|
||||
|
||||
Reference in New Issue
Block a user