From 05bb11f4827258e101a3674c1caf20f664f58eee Mon Sep 17 00:00:00 2001
From: Andreas Kling <kling@serenityos.org>
Date: Sat, 13 Feb 2021 20:12:34 +0100
Subject: [PATCH] LibIPC: Make received file descriptors close-on-exec by
 default

I noticed that programs running in the terminal had an open file
descriptor for the system theme buffer, inherited from the Terminal.

Let's be nice and always mark incoming fds with FD_CLOEXEC.
---
 Userland/Libraries/LibIPC/Decoder.cpp | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Userland/Libraries/LibIPC/Decoder.cpp b/Userland/Libraries/LibIPC/Decoder.cpp
index 5176d6ab12..8b1ec84053 100644
--- a/Userland/Libraries/LibIPC/Decoder.cpp
+++ b/Userland/Libraries/LibIPC/Decoder.cpp
@@ -30,6 +30,7 @@
 #include <LibIPC/Decoder.h>
 #include <LibIPC/Dictionary.h>
 #include <LibIPC/File.h>
+#include <fcntl.h>
 #include <string.h>
 #include <sys/socket.h>
 
@@ -175,6 +176,10 @@ bool Decoder::decode([[maybe_unused]] File& file)
         dbgln("recvfd: {}", strerror(errno));
         return false;
     }
+    if (fcntl(fd, F_SETFD, FD_CLOEXEC) < 0) {
+        dbgln("fcntl(F_SETFD, FD_CLOEXEC)", strerror(errno));
+        return false;
+    }
     file = File(fd, File::ConstructWithReceivedFileDescriptor);
     return true;
 #else