[Savonet-devl] [dev.sourcefabric.org] Created: (LS-512) External processes inherit opened file descriptor, including opened sockets.

Sun, 24 Apr 2011 12:26:33 -0700 

External processes inherit opened file descriptor, including opened sockets.
----------------------------------------------------------------------------

                 Key: LS-512
                 URL: http://dev.sourcefabric.org/browse/LS-512
             Project: Liquidsoap
          Issue Type: Bug
          Components: Liquidsoap
            Reporter: Romain Beauxis
            Priority: Blocker
             Fix For: 1.0


When liquidsoap spawns a new process using Ocaml's open_process* functions, the 
new process is created using fork() and therefore inherits all opened file 
descriptors from liquidsoap.

This leads to many different type of issues, among which:
 * If liquidsoap stops before an external process, any port opened by 
liquidsoap remains open until all external processes have terminated
 * All external processes have access to the file/sockets opened by liquidsoap, 
in particular they may read a file whose content is supposed to be protected 
(password) or listen to network traffic (source password for instance)

The problem is not easy. There are several possibilities:
 * Define our own implementation of Unix.open_process*
 * Use some shell trickery to close the descriptors before invoking the new 
process. Something like:
  "/bin/ls /dev/fd/ | while read i; do if test "$i" -ge "3"; then exec "$i<&-" 
2>/dev/null; fi done; my_process
 * Convince OCaml's maintainer to apply some patch and wait for a new release 
of OCaml...



-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://dev.sourcefabric.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

------------------------------------------------------------------------------
Fulfilling the Lean Software Promise
Lean software platforms are now widely adopted and the benefits have been 
demonstrated beyond question. Learn why your peers are replacing JEE 
containers with lightweight application servers - and what you can gain 
from the move. http://p.sf.net/sfu/vmware-sfemails
_______________________________________________
Savonet-devl mailing list
Savonet-devl@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/savonet-devl

Répondre à