Hal Murray via devel writes: >> Can somebody give me a lesson in why a program should close all it's >> descriptors? We can clean up a lot of crufty code if we drop that. > > Nobody responded to my request, so I'll assume it isn't needed and start > working on deleting it.
You're getting ahead of yourself a bit it seems. It isn't hard to put your question into a search and get useful answers as to why this is a good practise (and also why it's crufty if you have to support more than just Linux or any other single system). TL;DR; A forked process inherits all open files from the parent and that implies access to the resource behind the descriptor with the rights (or in the context) of the parent process. To properly restrict the new process, you need to close anything that the child would not have access to in the new context and/or the child doesn't actually need. A daemon also needs to close STDIN, STDOUT and STDERR (fd 0, 1, 2). But a daemon dropping privileges usually also depends on some resources that only the parent has access to, so simply closing all fd isn't going to work. Regards, Achim. -- +<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+ SD adaptations for Waldorf Q V3.00R3 and Q+ V3.54R2: http://Synth.Stromeko.net/Downloads.html#WaldorfSDada _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel