From 77d331b258c220c9e014ced6664f57c828058494 Mon Sep 17 00:00:00 2001
From: apio <blobs.trading@gmail.com>
Date: Fri, 28 Oct 2022 17:13:45 +0200
Subject: [PATCH] init: Open /etc/motd with O_CLOEXEC to avoid leaking this
 file to children

---
 apps/src/init.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/apps/src/init.c b/apps/src/init.c
index cb054e0c..ff4bd6b3 100644
--- a/apps/src/init.c
+++ b/apps/src/init.c
@@ -1,4 +1,5 @@
 #include <errno.h>
+#include <fcntl.h>
 #include <luna.h>
 #include <stdio.h>
 #include <sys/wait.h>
@@ -6,10 +7,16 @@
 
 void show_motd()
 {
-    FILE* fp = fopen("/etc/motd", "r");
+    int fd = open("/etc/motd", O_RDONLY | O_CLOEXEC);
+    if (fd < 0)
+    {
+        if (errno != ENOENT) { perror("open"); }
+        return;
+    }
+    FILE* fp = fdopen(fd, "r");
     if (!fp)
     {
-        if (errno != ENOENT) { perror("fopen"); }
+        perror("fopen");
         return;
     }