On Wed, Sep 02, 2009 at 04:22:41PM -0700, Bill Sommerfeld wrote:
>
> On Wed, 2009-09-02 at 19:12 -0400, James Carlson wrote:
> > I think that's slightly inferior: it requires an extra fd for no reason
> > at all and thus adds an unnecessary failure mode. I like the close(0),
> > open, dup2(0,1), dup2(0,2) model better. And closing 1 and 2 first is
> > even better for (implausible) security reasons.
>
> on the other hand, the {close(0); open(), dup2, dup2 } sequence is only
> guaranteed to work as desired in a single-threaded process with no
> signal handlers able to run. otherwise, a different thread or signal
> handler could get in sideways between the close() and the open() and nab
> fd 0.
Oh, good point. I'd discounted threads here because we're doing fork()
(which is not forkall() nowadays). But there's signals.
