Attached is a patch for upstart 0.2.7, as found in edgy. It marks the inotify instance file descriptor to be closed on exec.
The same patch should apply to 0.3.0 and 0.3.1. 0.3.2 will be released with the rewritten inotify code, which is not affected by this bug. ** Attachment added: "Patch for edgy" http://librarian.launchpad.net/6258662/upstart-0.2.7-inotify.patch ** Changed in: upstart (upstream) Importance: Undecided => Critical Assignee: (unassigned) => Scott James Remnant Status: Unconfirmed => Fix Committed Target: None => 0.3 -- File descriptor leak allows DoS https://launchpad.net/bugs/83099 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
