Bill Pringlemeir wrote: > set_close_on_exec(), in misc.c is to prevent any code retrieved from > the network from being executed? Is this only to prevent an exploit?
It's to prevent giving anything exec()ed access to the socket file descriptors. It's not just to prevent exploits but also accidents. Consider that any "module" e.g., GNOME stuff has full access to the code and data. If it's not carefully written, it can cause all kinds of bugs and exploits. You've seen GNOME themes and UIM causing gtk-gnutella to crash due to bugs in their code and some these modules like UIM spawn background processes which by default inherit file descriptors. -- Christian ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ gtk-gnutella-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/gtk-gnutella-devel
