Race-free process creation in the GNU C Library

Posted Sep 2, 2023 0:26 UTC (Sat) by alkbyby (subscriber, #61687)
In reply to: Race-free process creation in the GNU C Library by bluca
Parent article: Race-free process creation in the GNU C Library

Maybe I didn't get what you're referring to. Perhaps you can elaborate on a specific case.

But my point is as long is we're able to guarantee that child's pid is not reused, there is no race if/when parent calls whatever set_xyz on child's pid (it may find child dead, but it'll never confuse this child with another process). And classic mechanism of zombies gives us exactly that. Child's pid won't get reused until parent collects child's status.

P.S. Also I was under the impression that lot/most of those "many things" (setsid, unshare etc) are typically what child does for itself (after clone_vfork but before exec, for which posix_spawn has numerous attributes).

Race-free process creation in the GNU C Library

Posted Sep 2, 2023 10:17 UTC (Sat) by bluca (subscriber, #118303) [Link]

You are only thinking about basic process management. There is much more to it, like for example identifying for the purpose of authenticating a service or a session (polkit, dbus, logind, gnome). pidfds can be transferred to other arbitrary processes via SCM_PIDFD. You need to do that before you wait for their exit, for obvious reasons.