On 2023-04-20 05:06, Cristian Rodríguez via Libc-alpha wrote:
Exactly, my understanding is that it is a futile exercise ..if one sufficient privilege at that stage one can do whatever is desired.. why even bother messing with the standard fds..
Making stdin unreadable is not meant to thwart a root-privileged attacker. As the comment in check_one_fd says, it's merely meant to catch bugs in programs that accidentally (for example) read from standard input even though there is no standard input. If standard input is /dev/null and readable, these buggy programs silently behave as if the input is the empty file, which is likely incorrect. In contrast, if standard input is not readable, these buggy programs will get a read error, which is more likely to cause them to report an error and alert users of the bug.
So let's leave glibc/csu/check_fds.c alone: it serves a useful purpose. PS. Sorry if this email is duplicate; I had mail server problems.
