Use O_CLOEXEC in util packages

This prevents fd's from leaking to subprocesses.
2019-03-15 12:18:21 -07:00
parent 0051db89a7
commit 7077bbd783
2 changed files with 2 additions and 2 deletions
--- a/pkg/util/mount/mount_linux.go
+++ b/pkg/util/mount/mount_linux.go
@@ -497,7 +497,7 @@ func ExclusiveOpenFailsOnDevice(pathname string) (bool, error) {
 		klog.Errorf("Path %q is not referring to a device.", pathname)
 		return false, nil
 	}
-	fd, errno := unix.Open(pathname, unix.O_RDONLY|unix.O_EXCL, 0)
+	fd, errno := unix.Open(pathname, unix.O_RDONLY|unix.O_EXCL|unix.O_CLOEXEC, 0)
 	// If the device is in use, open will return an invalid fd.
 	// When this happens, it is expected that Close will fail and throw an error.
 	defer unix.Close(fd)