Eggdev: RFC/Suggestion: Set close-on-exec on all file descriptors opened by eggdrop

Moritz Wilhelmy mw+egg at barfooze.de
Sat Jul 18 16:47:49 UTC 2015


Hello,

After having had problems with a long-running subprocess pipe that
locked up the eggdrop sockets on restart, I want to propose to set the
close-on-exec flag on all file descriptors opened by eggdrop.

This flag (FD_CLOEXEC) has been part of POSIX since the very beginning
and should be portable to all platforms supported by eggdrop.

Assuming the file descriptor was just opened, one would set this flag
using

  fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC);

using the fcntl function declared in <fcntl.h>.

This would make eggdrop less fragile with regard to subprocesses, which
mostly have no business accessing eggdrop's file descriptors after exec
has taken place (and if so, one can pass them additional file
descriptors via I/O redirection anyway).

In my use case, I spawn a long-running pipe to a perl process which
relays information back to eggdrop via stdout.

It is not very surprising this problem has gone unnoticed for so long
since I suppose my setup is rather untypical.

Closing the excess file descriptors in the subprocess requires doing
things in unportable and ugly ways. FD_CLOEXEC is the clean and portable
solution. Having subprocesses which can access a parent's file
descriptors is also insecure.

Best regards,

Moritz

-- 
^M^J^W


More information about the Eggdev mailing list