From ac1f5915673835ed2523342aebc51042880098c3 Mon Sep 17 00:00:00 2001
From: Karol Babioch <karol@babioch.de>
Date: Sun, 14 Oct 2018 21:58:58 +0200
Subject: [PATCH] Enable the close-on-exec flag for the debug log file
 descriptor

On Linux this flag will make sure that no file descriptor is
accidentally leaked into potential child processes. While this is not a
problem right now, it is considered to be good practice these days when
dealing with file descriptors on Linux.

Signed-off-by: Karol Babioch <karol@babioch.de>
---
 src/utils/wpa_debug.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/utils/wpa_debug.c b/src/utils/wpa_debug.c
index 3fe14ce27..a56462b8b 100644
--- a/src/utils/wpa_debug.c
+++ b/src/utils/wpa_debug.c
@@ -563,6 +563,14 @@ int wpa_debug_open_file(const char *path)
 		return -1;
 	}
 
+#ifdef __linux__
+	if (fcntl(out_fd, F_SETFD, FD_CLOEXEC) < 0) {
+		wpa_printf(MSG_DEBUG,
+			   "%s: Failed to set FD_CLOEXEC - continue without: %s",
+			   __func__, strerror(errno));
+	}
+#endif /* __linux__ */
+
 	out_file = fdopen(out_fd, "a");
 	if (out_file == NULL) {
 		wpa_printf(MSG_ERROR, "wpa_debug_open_file: Failed to open "