On Sat, Apr 10, 2021 at 05:04:11PM -0700, Greg A. Woods wrote:
> At Sun, 11 Apr 2021 01:37:44 +0700, Robert Elz <k...@munnari.oz.au> wrote:
> Subject: Re: Possible "new" redirect style for /bin/sh (needs a name)
> >
> > Because of the way the system calls work: everything allocating fds (in the
> > kernel) allocates upwards.
>
> So, still, the shell could keep a "high FD watermark" for the range of
> the FDs allocated by "{var}>file" and open them the normal way then move
> them with dup2() to the next lower (i.e. unused) FD below this high FD
> watermark, and reduce it in turn. If I'm not mistaken the initial value
> for the high FD watermark could be set to sysconf(_SC_OPEN_MAX)-1.

I thought of this "mapping" too (using big numbers for "named fds" but
mapping them to real small ones). Except it doesn't address the security
problem and the hiatus with the user's "hard coded" redirections.

Say the "faked" 32767 is really mapped to "3". What happens if the user
redirects directly to "3" in the script? This will impose to map in fact
all fd numbers, not only "high" ones. And since there is already a
processing cost...

This is why I was proposing the name-only feature, to have a simple (from
the proposal's point of view) test against the type of the redirection
("named fd" or not), to be able to discriminate at one point only, with a
test that from a theoretical standpoint seemed not costly (a number limit
and a flag). Except that, as Robert has explained, it's not easy to hook
such a behavior during the parsing with the implementation.

-- 
Thierry Laronde <tlaronde +AT+ polynum +dot+ com>
http://www.kergis.com/
http://kertex.kergis.com/
http://www.sbfa.fr/
Key fingerprint = 0FF7 E906 FBAF FE95 FD89 250D 52B1 AE95 6006 F40C
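
The "high FD watermark" scheme from the quoted suggestion, written out as an added example that is not code from this thread or from any shell: open normally, move the descriptor with dup2() to the highest free number, and lower the watermark. The names named_fd_init, named_fd_open and WATERMARK_CAP are hypothetical, and the cap is an assumption added so that a very large descriptor limit does not force a huge descriptor table.

```c
/* Added example: watermark allocation for "{var}>file" descriptors. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

#define WATERMARK_CAP 1023   /* assumption: upper bound for the start value */

static int high_fd = -1;     /* next candidate number, moves downward */

/* Start at sysconf(_SC_OPEN_MAX)-1 as suggested, capped; returns the start. */
int named_fd_init(void) {
    long max = sysconf(_SC_OPEN_MAX);
    if (max <= 0 || max - 1 > WATERMARK_CAP)
        max = WATERMARK_CAP + 1;
    return high_fd = (int)max - 1;
}

/* True when fd currently refers to an open descriptor. */
static int fd_in_use(int fd) {
    return fcntl(fd, F_GETFD) != -1 || errno != EBADF;
}

/* Open the normal way, then move the descriptor to the highest free slot. */
int named_fd_open(const char *path, int flags) {
    int fd = open(path, flags);
    if (fd < 0)
        return -1;
    while (high_fd > fd && fd_in_use(high_fd))
        high_fd--;                 /* skip numbers a script already took */
    if (high_fd <= fd)
        return fd;                 /* range exhausted: keep the low fd */
    int moved = dup2(fd, high_fd);
    close(fd);
    if (moved < 0)
        return -1;
    high_fd--;
    return moved;
}

int main(void) {
    int top = named_fd_init();
    int a = named_fd_open("/dev/null", O_WRONLY);
    int user = open("/dev/null", O_WRONLY);
    dup2(user, top - 1);           /* constructed: script hard-codes top-1 */
    int b = named_fd_open("/dev/null", O_WRONLY);
    printf("top=%d a=%d b=%d\n", top, a, b);
    return 0;
}
```

The in-use check only protects numbers that are already open when the shell allocates; a later hard-coded redirection onto a number the shell has handed out still replaces it silently, because dup2() closes the target first.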