On Sat, 2 Sep 2000, Jamie Lokier wrote:
> dean gaudet wrote:
> > an example of brokenness in the traditional fd API is close-on-exec --
> > there's a race between open()/socket()/pipe() and fcntl(FD_CLOEXEC) during
> > which if another thread does a fork() it's possible the child will inherit
> > an fd it shouldn't... working around it is painful. the model which
Really? Like, say it, close() before exec()?
> > NT/OS2 use for creating a new process scales better in the 99.99% case of
> > stdin/out/err -- you only specify those fds you want to keep in the new
> > process.
>
> An obvious solution presents itself. O_CLOEXEC.
Even more obvious solution: close what you need to close if you have
sensitive descriptors around. Close-on-exec is a kludge. If you have
sensitive pieces of descriptor table you want to do some other things too
- e.g. make sure that it gets unshared before exec(). Because new
descriptors of that kind are very likely to follow...
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Sep 07 2000 - 21:00:13 EST