-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
According to Ulrich Drepper on 8/27/2009 8:22 AM:
I hope that my example shows why doing it in the kernel is desirable -
there is no safe way to keep the pre-O_CLOEXEC efficiency using just the
library, but there IS a way to do it with kernel
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
According to Florian Weimer on 8/27/2009 8:35 AM:
* Eric Blake:
int open_safer (const char *name, int flags, int mode)
{
int fd = open (name, flags | O_CLOEXEC, mode);
if (0 = fd fd = 2)
{
int dup = fcntl (fd, ((flags
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
According to Florian Weimer on 8/28/2009 6:52 AM:
If the caller requested O_CLOEXEC, then your version takes 3, 5, or
7 syscalls depending on how many std fds were closed, while my
version takes 3 syscalls regardless of how many std fds were
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
According to Florian Weimer on 8/28/2009 6:52 AM:
* Eric Blake:
Your version fails to clear the cloexec bit of the final fd if the
original caller didn't request O_CLOEXEC.
Okay, but you can fix that in a race-free manner (but I thought that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
According to Davide Libenzi on 8/25/2009 3:53 PM:
Another solution is for the application to sanitize all newly-created
fds: GNU coreutils provides a wrapper open_safer, which does nothing
extra in the common case that open() returned 3 or larger,
On 08/27/2009 06:54 AM, Eric Blake wrote:
I hope that my example shows why doing it in the kernel is desirable -
there is no safe way to keep the pre-O_CLOEXEC efficiency using just the
library, but there IS a way to do it with kernel support:
You're describing a very special case where the
* Eric Blake:
int open_safer (const char *name, int flags, int mode)
{
int fd = open (name, flags | O_CLOEXEC, mode);
if (0 = fd fd = 2)
{
int dup = fcntl (fd, ((flags O_CLOEXEC)
? F_DUPFD_CLOEXEC : F_DUPFD), 3);
int saved_errno = errno;
On Thu, 27 Aug 2009, Eric Blake wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
According to Davide Libenzi on 8/25/2009 3:53 PM:
Another solution is for the application to sanitize all newly-created
fds: GNU coreutils provides a wrapper open_safer, which does nothing
extra in the
On Tue, 25 Aug 2009, Eric Blake wrote:
Another solution is for the application to sanitize all newly-created
fds: GNU coreutils provides a wrapper open_safer, which does nothing
extra in the common case that open() returned 3 or larger, but calls
fcntl(n,F_DUPFD,3)/close(n) before returning
