I'm still puzzled by the Unix change. I completely agree with Martin about CLOSEXEC but there is something fishy here that we need to get a handle on. When we fork then we close >= 3 in the child so there shouldn't be any magic with fd 3.
The current code closes >= 4. FD 3 is a special one that is intended to be error pipe back to parent. But after jimage was implemented, FD 3 is occupied by it instead.
As far as I understand it, there's no need for hardcoded FD numbers at all. I can remove all magic from this code if someone promises me he'll get the patch applied (after review, of course!)
Aside from removing magic from code, the future patch will also fix communicating errors back to parent, because with current code it obviously can't work.
