git: 58811b0ae096 - main - jail: open the fstab files with fopen("re")

From: Kyle Evans <kevans_at_FreeBSD.org>
Date: Wed, 06 May 2026 23:29:17 UTC 
The branch main has been updated by kevans:

URL: https://cgit.FreeBSD.org/src/commit/?id=58811b0ae096c134af372bcf475aea1d8d0e3c08

commit 58811b0ae096c134af372bcf475aea1d8d0e3c08
Author:     Jan Bramkamp <crest+freebsd@rlwinm.de>
AuthorDate: 2026-05-06 23:28:53 +0000
Commit:     Kyle Evans <kevans@FreeBSD.org>
CommitDate: 2026-05-06 23:28:53 +0000

    jail: open the fstab files with fopen("re")
    
    This protects against accidentally leaking them past fork()+exec()
    in future refactorings.
    
    PR:             295052
    Reviewed by:    kevans
---
 usr.sbin/jail/config.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/usr.sbin/jail/config.c b/usr.sbin/jail/config.c
index f1e2da215790..188f48732561 100644
--- a/usr.sbin/jail/config.c
+++ b/usr.sbin/jail/config.c
@@ -726,7 +726,7 @@ check_intparams(struct cfjail *j)
 		TAILQ_FOREACH(s, &j->intparams[IP_MOUNT_FSTAB]->val, tq) {
 			if (s->len == 0)
 				continue;
-			f = fopen(s->s, "r");
+			f = fopen(s->s, "re");
 			if (f == NULL) {
 				jail_warnx(j, "mount.fstab: %s: %s",
 				    s->s, strerror(errno));