From d23edad6b9e106821e9aad84d07f9c52885d562c Mon Sep 17 00:00:00 2001
From: Kovid Goyal <kovid@kovidgoyal.net>
Date: Fri, 19 Dec 2014 12:52:44 +0530
Subject: [PATCH] Prevent sockets launched for IPC communication on linux from
 being inherited by processes launched from the GUI

Previously only the listen socket was marked as CLOEXEC, now the actual
fd used for communication is also marked as CLOEXEC
---
 src/calibre/utils/ipc/server.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/calibre/utils/ipc/server.py b/src/calibre/utils/ipc/server.py
index e0edaee9f1..d0b14ac77e 100644
--- a/src/calibre/utils/ipc/server.py
+++ b/src/calibre/utils/ipc/server.py
@@ -112,6 +112,13 @@ if islinux:
             self._listener._socket.shutdown(socket.SHUT_RDWR)
             self._listener._socket.close()
 
+        def accept(self, *args, **kwargs):
+            ans = Listener.accept(self, *args, **kwargs)
+            fd = ans.fileno()
+            old_flags = fcntl.fcntl(fd, fcntl.F_GETFD)
+            fcntl.fcntl(fd, fcntl.F_SETFD, old_flags | fcntl.FD_CLOEXEC)
+            return ans
+
     def create_listener(authkey, backlog=4):
         # Use abstract named sockets on linux to avoid creating unnecessary temp files
         global _name_counter