Christophe Devriese added the comment:
It would already be a nice piece of progress if you could request the
SO_CLOEXEC (with fallback to FD_CLOEXEC), say, in the constructor, or even
with a module variable. I hope at least this change can make it in, so that
we have a decent in-python solution
Christophe Devriese added the comment:
I realize this bugreport cannot fix 35 years of a bad design decision in
linux. That's not the intention (that's a gordian knot I *will* be keeping a
safe distance from). The intention is to create a saner default situation
for most pytho
New submission from Christophe Devriese :
The specific issue this is creating is that a malicious user could use this
socket in a subprocess which is started from a library (ie. I'm using a .so,
which calls fork/exec).
A second failure mode is starting a daemon from withing, say, a d
