> Your approach clearly solves only a fraction of the problem
If by a "fraction", you mean 9/10ths of the problem. The only fraction that Uli's solution
fixes that cannot be fixed using closefrom() is the case involving interaction with
proprietary plugins. I agree with an earlier poster; once you run a proprietary binary
program, you can never be sure that your data is safe. The possibility of leaking file
descriptors across an execve() call is the least of your worries.
The typical use case is a program calling fork() and then execve() to run an external program
that only needs access to stdin/stdout/stderr. Linux/GNU developers should optimize for making
it easy to close all other file descriptors. Instead, they have optimized for running
proprietary binary plugins. Yuck.
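The fork()-then-execve() pattern the reply describes, with everything above stderr closed in the child before the exec, as an added example (not code posted in the thread). It assumes a POSIX system with /bin/sh, uses closefrom() where the platform declares it (FreeBSD, OpenBSD, Solaris, glibc 2.34 and later) and otherwise falls back to the brute-force close-every-fd loop that closefrom() is meant to replace; the helper names close_from, run_child and child_inherits_fd, and the 65536 ceiling used when RLIMIT_NOFILE is unbounded, are this example's own choices.

```c
/* Spawn a child that only inherits stdin/stdout/stderr.  Added example;
 * assumes POSIX plus /bin/sh.  closefrom() is used where declared,
 * otherwise every fd number up to the RLIMIT_NOFILE ceiling is closed. */
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

#ifdef __GLIBC__
# if __GLIBC_PREREQ(2, 34)
#  define HAVE_CLOSEFROM 1
# endif
#elif defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__sun)
# define HAVE_CLOSEFROM 1
#endif

/* Close every descriptor >= lowfd.  One syscall with closefrom(); the
 * fallback walks every possible fd number, which is the slow path. */
static void close_from(int lowfd)
{
#ifdef HAVE_CLOSEFROM
    closefrom(lowfd);
#else
    struct rlimit rl;
    long maxfd = 65536;   /* assumed ceiling if the soft limit is unbounded */
    if (getrlimit(RLIMIT_NOFILE, &rl) == 0 && rl.rlim_cur != RLIM_INFINITY
        && rl.rlim_cur < (rlim_t)maxfd)
        maxfd = (long)rl.rlim_cur;
    for (long fd = lowfd; fd < maxfd; fd++)
        close((int)fd);   /* EBADF on unused slots is harmless */
#endif
}

/* fork(), optionally close fds >= 3 in the child, then execv the program.
 * Returns the child's exit status, or -1 if fork/wait failed or the child
 * died from a signal. */
static int run_child(const char *path, char *const argv[], int close_fds)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (close_fds)
            close_from(STDERR_FILENO + 1);
        execv(path, argv);
        _exit(127);          /* exec failed; skip the parent's atexit handlers */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Open a pipe in the parent, then ask /bin/sh in the child to write to the
 * pipe's write end by fd number.  Returns 1 if the write succeeded (the
 * descriptor leaked across execve), 0 if the child could not use it,
 * -1 if the pipe could not be created. */
static int child_inherits_fd(int close_fds)
{
    int p[2];
    if (pipe(p) < 0)
        return -1;
    char cmd[64];
    /* stderr is redirected first so a "Bad file descriptor" message is quiet */
    snprintf(cmd, sizeof cmd, "echo leaked 2>/dev/null >&%d", p[1]);
    char *argv[] = { "sh", "-c", cmd, NULL };
    int status = run_child("/bin/sh", argv, close_fds);
    close(p[0]);
    close(p[1]);
    return status == 0;
}

int main(void)
{
    printf("plain fork/exec:       child %s the parent's pipe fd\n",
           child_inherits_fd(0) ? "inherited" : "did not inherit");
    printf("with close_from(3):    child %s the parent's pipe fd\n",
           child_inherits_fd(1) ? "inherited" : "did not inherit");
    return 0;
}
```

Without the close step the shell child can write into the parent's pipe because the fd survives execve(); with it, the same command fails with a bad-descriptor error, which is the whole point of a single closefrom() call after fork().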