Matt Selsky said: > I think we close all FDs in order to reduce the number of FDs open with our > old security context. Eg, if we seteuid() after fork, we want to drop all FDs > opened with root privileges.
That would make sense if we were talking about some big complicated program with lots open files that had suddenly decided to fork and change uid. But we should understand what is going on. Where are the FDs opened with old security context coming from? There is code to reopen/dup stdin, stdout, and stderr as /dev/null I've preserved that. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
