
Mark McLoughlin <markmc@redhat.com> wrote:
Implement a sane policy around our use of FD_CLOEXEC:
1) Every descriptor which shouldn't be passed to child processes should have the flag set
2) Let exec() do the descriptor closing, rather than us doing it ourselves ... - for (i = 0; i < open_max; i++) { - if (i != STDOUT_FILENO && - i != STDERR_FILENO && - i != STDIN_FILENO) - close(i); - else if (errors == NO_ERRORS) - dup2(null, i); + if (errors == NO_ERRORS) { + dup2(null, STDIN_FILENO); + dup2(null, STDOUT_FILENO); + dup2(null, STDERR_FILENO); + close(null); }
True, dup2 failure wasn't checked before either, but it *can* fail. Best to diagnose it, just in case.