Date: Fri, 19 Apr 2002 13:08:42 -0500 From: "Jacques A. Vidrine" <nectar@FreeBSD.org> To: Garrett Wollman <wollman@lcs.mit.edu> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/kern kern_descrip.c kern_exec.c src/sys/sys filedesc.h Message-ID: <20020419180842.GA54945@madman.nectar.cc> In-Reply-To: <200204191748.g3JHmAZ76103@khavrinen.lcs.mit.edu> References: <Pine.NEB.3.96L.1020419103914.64976x-100000@fledge.watson.org> <200204191445.g3JEjXSg095842@hak.lan.Awfulhak.org> <20020419153310.GD31829@madman.nectar.cc> <200204191748.g3JHmAZ76103@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Apr 19, 2002 at 01:48:10PM -0400, Garrett Wollman wrote: > <<On Fri, 19 Apr 2002 10:33:10 -0500, "Jacques A. Vidrine" <nectar@FreeBSD.org> said: > > > IEEE Std 1003.1-2001: > > ``The open() function shall return a file descriptor for the named file > > that is the lowest file descriptor not currently open for that > > process.'' > > Given that, I expect my request for interpretation to come back with a > statement that it is prohibited for the implementation to open file > descriptors on exec() which had been closed by the calling process. I should be surprised with any other resolution. In general, it would not be desirable behaviour. Nonetheless, slavish adherence to standards can take a back seat to utilitarian or security issues, and such is the case here. Do keep in mind that we are speaking of set[ug]id programs only, which are already handled specially in many ways. Cheers, -- Jacques A. Vidrine <n@nectar.cc> http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020419180842.GA54945>