[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [nmh-workers] closefds() _before_ fork?
From: |
Ken Hornstein |
Subject: |
Re: [nmh-workers] closefds() _before_ fork? |
Date: |
Tue, 23 Apr 2019 11:41:33 -0400 |
>> I agree with the general principle that if we open it, we track it, and
>> then close it so it doesn't reach the child, typically with O_CLOEXEC or
>> FD_CLOEXEC. ...
>
>to that end, i propose that we treat any open descriptor N>2 at the time
>of an exec() to be a bug, which is to be fixed by setting O_CLOEXEC at
>time of creation.
+1.
There are a few sneaky spots where we have to be careful; sometimes a
file is opened and then expected to be used as stdin for a child process;
there is also the unusual case of the -idanno flag, and it wouldn't surprise
me if there was another use of a file descriptor passed down to a child
process that I didn't know about.
I realize that dup2() clears the FD_CLOEXEC flag on the new file
descriptor so the "normal" case of an opened file being dup2() down to 0
would work correctly, but the wrinkle is that it does NOT if the old and
new file descriptor are the same. That is admittedly unlikely, but it
could happen in a few cases so I'd like to be as robust as possible.
It seems like the right way forward, given that nowadays there are a lot
of spots where we could fork another process off, is that every descriptor
we open should have FD_CLOEXEC set (I added that to the networking code).
Considering we haven't done that in the past for a lot of cases it doesn't
seem like there's a lot of urgency, but we'll file this under "ongoing
cleanup"
--Ken
- Re: [nmh-workers] closefds() _before_ fork?, (continued)
- Re: [nmh-workers] closefds() _before_ fork?, Robert Elz, 2019/04/23
- Re: [nmh-workers] closefds() _before_ fork?, Valdis Klētnieks, 2019/04/23
- Re: [nmh-workers] closefds() _before_ fork?, Robert Elz, 2019/04/23
- Re: [nmh-workers] closefds() _before_ fork?, Valdis Klētnieks, 2019/04/23
- Re: [nmh-workers] closefds() _before_ fork?, Ralph Corderoy, 2019/04/23
- Re: [nmh-workers] closefds() _before_ fork?, Paul Vixie, 2019/04/23
- Re: [nmh-workers] closefds() _before_ fork?,
Ken Hornstein <=
- Re: [nmh-workers] closefds() _before_ fork?, Ralph Corderoy, 2019/04/23
- Re: [nmh-workers] closefds() _before_ fork?, Ken Hornstein, 2019/04/23
- Re: [nmh-workers] closefds() _before_ fork?, Tom Lane, 2019/04/23
- Re: [nmh-workers] closefds() _before_ fork?, Ken Hornstein, 2019/04/23
- Re: [nmh-workers] closefds() _before_ fork?, Andy Bradford, 2019/04/23
- Re: [nmh-workers] closefds() _before_ fork?, Ken Hornstein, 2019/04/23
- Re: [nmh-workers] closefds() _before_ fork?, Andy Bradford, 2019/04/24
- Message not available
- Re: [nmh-workers] closefds() _before_ fork?, Ken Hornstein, 2019/04/25
- Re: [nmh-workers] closefds() _before_ fork?, Robert Elz, 2019/04/23
- Re: [nmh-workers] closefds() _before_ fork?, Ken Hornstein, 2019/04/23