MDEV-8743: fopen mode e (glibc only) to prevent galera SST scripts ac…

…cessing server files

For RemoteDatafile::read_link_file and buffer poool dumps

Note: STR_O_CLOEXEC needs to be at the end of the fopen otherwise
fopen will return EINVAL.

include/my_global.h

@@ -591,6 +591,11 @@ typedef SOCKET_SIZE_TYPE size_socket;
 #ifndef O_CLOEXEC
 #define O_CLOEXEC       0
 #endif
+#ifdef __GLIBC__
+#define STR_O_CLOEXEC "e"
+#else
+#define STR_O_CLOEXEC ""
+#endif
 #ifndef SOCK_CLOEXEC
 #define SOCK_CLOEXEC    0
 #endif

storage/innobase/buf/buf0dump.cc

@@ -275,7 +275,7 @@ buf_dump(
 	buf_dump_status(STATUS_INFO, "Dumping buffer pool(s) to %s",
 			full_filename);
 
-	f = fopen(tmp_filename, "w");
+	f = fopen(tmp_filename, "w" STR_O_CLOEXEC);
 	if (f == NULL) {
 		buf_dump_status(STATUS_ERR,
 				"Cannot open '%s' for writing: %s",
@@ -516,7 +516,7 @@ buf_load()
 	buf_load_status(STATUS_INFO,
 			"Loading buffer pool(s) from %s", full_filename);
 
-	f = fopen(full_filename, "r");
+	f = fopen(full_filename, "r" STR_O_CLOEXEC);
 	if (f == NULL) {
 		buf_load_status(STATUS_INFO,
 				"Cannot open '%s' for reading: %s",

storage/innobase/fsp/fsp0file.cc

@@ -1043,7 +1043,7 @@ char*
 RemoteDatafile::read_link_file(
 	const char*	link_filepath)
 {
-	FILE* file = fopen(link_filepath, "r+b");
+	FILE* file = fopen(link_filepath, "r+b" STR_O_CLOEXEC);
 	if (file == NULL) {
 		return(NULL);
 	}