DavidSpickett wrote:

I once again attempt to parse your PR description, armed with this 
understanding.

> Currently we're creating inheritable (~FD_CLOEXEC) file descriptors in the 
> (few) cases where we need to pass an FD to a subprocess. The problem with 
> these is that, in a multithreaded application such as lldb, there's 
> essentially no way to prevent them from being leaked into processes other 
> than the intended one.

Because when you `execve`, all the open file descriptors remain even if you did 
not intend for all of them to do so. Because they do not have the FD_CLOEXEC 
flag set.

You would have to track all the file descriptors you have open and arrange to 
close all the ones you don't want to be open after the `execve`. Or you can 
treat them in the reverse way...

> A safer (though still not completely safe) approach is to mark the 
> descriptors as FD_CLOEXEC and only clear this flag in the subprocess.

Which means you can clear the flag only for the descriptors that you want to 
survive the `execve`, leaving the majority to close. Which seems like the 
logically simpler way around, easier to implement correctly and maintain.

Right?

https://github.com/llvm/llvm-project/pull/126935
_______________________________________________
lldb-commits mailing list
lldb-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/lldb-commits
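
An added example (not part of the original message, and not LLDB's code) of the approach discussed above: both pipes are created with FD_CLOEXEC set, and the child clears the flag on the one descriptor it should keep before calling exec. The function names, the `gate` pipe used to detect that the exec happened, and `sleep` as the exec'd program are assumptions made for illustration.

```c
#include <fcntl.h>
#include <poll.h>
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Pipe with FD_CLOEXEC on both ends (set right after creation here). */
static int cloexec_pipe(int fds[2]) {
    if (pipe(fds) != 0) return -1;
    if (fcntl(fds[0], F_SETFD, FD_CLOEXEC) == -1) return -1;
    return fcntl(fds[1], F_SETFD, FD_CLOEXEC) == -1 ? -1 : 0;
}

/* Fork and exec `sleep`. Returns 1 if the child's copy of the data pipe's
 * write end survived the exec, 0 if exec closed it, -1 on error. */
int fd_survives_exec(int clear_in_child) {
    int data[2], gate[2];
    if (cloexec_pipe(data) || cloexec_pipe(gate)) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        if (clear_in_child) { /* opt in exactly one descriptor */
            int fl = fcntl(data[1], F_GETFD);
            fcntl(data[1], F_SETFD, fl & ~FD_CLOEXEC);
        }
        execlp("sleep", "sleep", "30", (char *)NULL);
        _exit(127);
    }
    close(data[1]);
    close(gate[1]);
    char c;
    while (read(gate[0], &c, 1) > 0) {} /* EOF once exec closed the child's gate[1] */
    /* Our write end is closed, so POLLHUP on data[0] means no process holds
     * one. The timeout is a grace period for the kernel to finish closing. */
    struct pollfd p = { .fd = data[0], .events = POLLIN };
    int n = poll(&p, 1, 500);
    kill(pid, SIGKILL);
    waitpid(pid, NULL, 0);
    close(data[0]);
    close(gate[0]);
    return n < 0 ? -1 : !(p.revents & POLLHUP);
}

int main(void) {
    printf("flag left set:         survives=%d\n", fd_survives_exec(0));
    printf("flag cleared in child: survives=%d\n", fd_survives_exec(1));
    return 0;
}
```

A surviving write end is what keeps the pipe's reader from ever seeing EOF, which is the usual symptom of a descriptor leaked into an unintended process.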
