> unshare(CLONE_FILES); > /* we don't want anything past stderr here */ > close_range(3, ~0U); > execve(....);
Yes please. nextfd(2) https://lkml.org/lkml/2012/4/1/71 fdmap(2) https://marc.info/?t=150628366900006&r=1&w=4 I like fdmap more.
- Re: [PATCH 0/4] uapi, vfs: Change the mount API UAP... Al Viro
- Re: [PATCH 0/4] uapi, vfs: Change the mount API UAP... Christian Brauner
- Re: [PATCH 0/4] uapi, vfs: Change the mount API... Al Viro
- Re: [PATCH 0/4] uapi, vfs: Change the mount... Christian Brauner
- Re: [PATCH 0/4] uapi, vfs: Change the mount... Dmitry V. Levin
- Re: [PATCH 0/4] uapi, vfs: Change the m... Christian Brauner
- Re: [PATCH 0/4] uapi, vfs: Change the mount... Christian Brauner
- Re: [PATCH 0/4] uapi, vfs: Change the mount... David Howells
- Re: [PATCH 0/4] uapi, vfs: Change the m... Miklos Szeredi
- Re: [PATCH 0/4] uapi, vfs: Change the m... Christian Brauner
- Re: [PATCH 0/4] uapi, vfs: Change the mount API UAPI [ve... Alexey Dobriyan
