On Wed, 30 May 2007, Jeremy Fitzhardinge wrote:
>
> Some programs - legitimately, I think - scan /proc/self/fd to close
> everything. The question is whether the glibc-private fds should appear
> there. And something like a "close-on-fork" flag might be useful,
> though I guess glibc can keep track of its own fds closely enough to not
> need something like that.
Sure. I think there are things we can do (like make the non-linear fd's
appear somewhere else, and make them close-on-exec by default etc).
And it's not like it's necessarily at all the only way to do things.
I just threw it out as a possible solution - and one that is almost
certainly *superior* to trying to work around the fd thing with some
shared memory area which has tons of much more serious problems of its own
(*).
Linus
(*) Ranging from: specialized-only interfaces, inability to pass it
around, lack of any abstraction interfaces, and almost impossible to
debug. The security implications of kernel and user space sharing
read-write access to some shared area are also legion!
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
