about summary refs log tree commit homepage
path: root/lib/PublicInbox/Daemon.pm
diff options
context:
space:
mode:
authorEric Wong <e@80x24.org>2021-01-22 20:01:19 +0000
committerEric Wong <e@80x24.org>2021-01-24 10:09:51 +0000
commitcea37260f3d63a4e497f0e5803d2a40c6f89dc0d (patch)
treefccee9d60a0c66c5b269c45996e3621defad6eea /lib/PublicInbox/Daemon.pm
parent6a0a324f2dd354c17ccc7a97604c5b1e17bea18e (diff)
downloadpublic-inbox-cea37260f3d63a4e497f0e5803d2a40c6f89dc0d.tar.gz
This prevents name conflicts leading to retries and slowdowns in
temporary file name generation.  No actual data corruption
resulted because all temporary files are opened with O_EXCL
anyways.

This may increase security for IMAP, NNTP, and HTTPS sessions
using TLS, but it's all public data anyways.
Diffstat (limited to 'lib/PublicInbox/Daemon.pm')
-rw-r--r--lib/PublicInbox/Daemon.pm3
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/PublicInbox/Daemon.pm b/lib/PublicInbox/Daemon.pm
index f5543c85..b5f97d81 100644
--- a/lib/PublicInbox/Daemon.pm
+++ b/lib/PublicInbox/Daemon.pm
@@ -533,10 +533,13 @@ EOF
                 if ($n <= $want) {
                         PublicInbox::DS::block_signals() if !$sigfd;
                         for my $i ($n..$want) {
+                                my $seed = rand(0xffffffff);
                                 my $pid = fork;
                                 if (!defined $pid) {
                                         warn "failed to fork worker[$i]: $!\n";
                                 } elsif ($pid == 0) {
+                                        srand($seed);
+                                        eval { Net::SSLeay::randomize() };
                                         $set_user->() if $set_user;
                                         return $p0; # run normal work code
                                 } else {