[Pcsclite-muscle] add SOCK_CLOEXEC for client connections

Stefani Seibold stefani
Mon Jul 7 05:24:07 PDT 2014


Hi,

this patch fix a small security and usability problem for pcsc-lite
client connections by adding a SOCK_CLOEXEC to the socket() call.

An application which use the pcsc-lite should never pass the socket file
descriptor to its child processes. This make no sense, since the child
have no idea what to do with the handle. 

It will also fix a usability issue. Imaging the process will start a
long running child (for example a daemon) and then the process will be
terminated. Once the process will be restarted it can not access the
smartcard since the daemon will still have the file descriptor open. 

The following patch will fix this isssue.

Greetings,
Stefani

diff -u -N -r -p pcsc-lite-1.8.11.orig/src/winscard_msg.c pcsc-lite-1.8.11/src/winscard_msg.c
--- pcsc-lite-1.8.11.orig/src/winscard_msg.c	2014-02-14 17:15:44.000000000 +0100
+++ pcsc-lite-1.8.11/src/winscard_msg.c	2014-07-07 14:05:13.745142762 +0200
@@ -79,6 +79,10 @@ THIS SOFTWARE, EVEN IF ADVISED OF THE PO
 
 #else
 
+#ifndef SOCK_CLOEXEC
+#define SOCK_CLOEXEC 0
+#endif
+
 /* functions used by libpcsclite only */
 
 char *getSocketName(void)
@@ -119,7 +123,7 @@ INTERNAL int ClientSetupSession(uint32_t
 	int ret;
 	char *socketName;
 
-	ret = socket(PF_UNIX, SOCK_STREAM, 0);
+	ret = socket(PF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0);
 	if (ret < 0)
 	{
 		Log2(PCSC_LOG_CRITICAL, "Error: create on client socket: %s",







More information about the pcsclite-muscle mailing list