- Add Q3 report on atomic close-on-exec
Submitted by: jilles
This commit is contained in:
parent
e5bb48473e
commit
653214b679
Notes:
svn2git
2020-12-08 03:00:23 +00:00
svn path=/head/; revision=42869
1 changed files with 42 additions and 1 deletions
|
@ -19,7 +19,7 @@
|
|||
|
||||
<!-- XXX: keep updating the number of entries -->
|
||||
<p>Thanks to all the reporters for the excellent work! This report
|
||||
contains 17 entries and we hope you enjoy reading it.</p>
|
||||
contains 18 entries and we hope you enjoy reading it.</p>
|
||||
|
||||
<!-- XXX: set date for the next set of submissions -->
|
||||
<p>The deadline for submissions covering between October and
|
||||
|
@ -897,4 +897,45 @@
|
|||
SDIO-capable slot.</task>
|
||||
</help>
|
||||
</project>
|
||||
|
||||
<project cat='kern'>
|
||||
<title>Atomic "close-on-exec"</title>
|
||||
|
||||
<contact>
|
||||
<person>
|
||||
<name>
|
||||
<given>Jilles</given>
|
||||
<common>Tjoelker</common>
|
||||
</name>
|
||||
<email>jilles@FreeBSD.org</email>
|
||||
</person>
|
||||
</contact>
|
||||
|
||||
<links>
|
||||
<url href="https://wiki.freebsd.org/AtomicCloseOnExec" />
|
||||
</links>
|
||||
|
||||
<body>
|
||||
<p>If threads or signal handlers call <tt>fork()</tt> and
|
||||
<tt>exec()</tt>, file descriptors may be passed undesirably to
|
||||
child processes, which may lead to hangs (if a pipe is not
|
||||
closed), exceeding the file descriptor limit and security
|
||||
problems (if the child process has lower privilege). One
|
||||
solution is various new APIs that set the "close-on-exec" flag
|
||||
atomically with allocating a file descriptor. Some existing
|
||||
software will use the new features if present or will even
|
||||
refuse to compile without them.</p>
|
||||
|
||||
<p>With <tt>mkostemp()</tt>, <tt>dup3()</tt>, and a change to
|
||||
modes of <tt>fopen()</tt> and <tt>freopen()</tt>, everything
|
||||
proposed in Austin Group issue #411 has now been implemented.
|
||||
For all POSIX-specified functions that allocate file
|
||||
descriptors, it is possible to request that the new descriptor
|
||||
be set close-on-exec atomically.</p>
|
||||
|
||||
<p>Additionally, many file descriptors used internally by
|
||||
<tt>libc</tt> and <tt>libutil</tt> now have the close-on-exec bit
|
||||
set.</p>
|
||||
</body>
|
||||
</project>
|
||||
</report>
|
||||
|
|
Loading…
Reference in a new issue