> Currently, programs can use fcntl() to change an open file descriptor to > have the close-on-exec property, but there is always a window in time > between the creation of the descriptor and changing its behavior. Another > thread could do an exec() call in that window, leaking a potentially > sensitive file descriptor into the newly run program. Closing that window > requires an in-kernel solution. No it doesn't! Simple locking between threads would easily fix the race. See https://bugzilla.redhat.com/show_bug.cgi?id=233481 for an example. The problem with this approach appears to be poor performance.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds