maxjhandsome
/
llvm-project
forked from OSchip/llvm-project
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity
llvm-project/clang-tools-extra/docs/clang-tidy/checks/android-cloexec-accept.rst

19 lines
434 B
ReStructuredText
Raw Blame History

.. title:: clang-tidy - android-cloexec-accept
android-cloexec-accept
======================
The usage of ``accept()`` is not recommended, it's better to use ``accept4()``.
Without this flag, an opened sensitive file descriptor would remain open across
a fork+exec to a lower-privileged SELinux domain.
Examples:
.. code-block:: c++
accept(sockfd, addr, addrlen);
// becomes
accept4(sockfd, addr, addrlen, SOCK_CLOEXEC);
Reference in New Issue View Git Blame Copy Permalink