-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Eric Dumazet wrote: > I am afraid randomization wont really work if /sbin/init or /bin/bash > for example uses one (or more) unseq fd : > The 'random base' will be propagated at fork()/exec() time ?
The base certainly should be reset o fork. Yes, this might expand the region in which descriptors are allocated due to inherited descriptors. But I consider this the application's problem and it usually is not really an issue. Apps have to explicitly request using the new descriptors and they can use CLOEXEC (CLOFORK) correctly. - -- ➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFGaGgQ2ijCOnn/RHQRAutyAKChp9KT9NVfUTD76GRhyY62GUTtaACglgxi N/4+vmcUPEYtLmUTYKVjMvg= =otvw -----END PGP SIGNATURE----- - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
