On Wed, 17 Oct 2007, Brandon S. Allbery KF8NH wrote:
...
> Well, security folks (professional paranoids :) tend to consider  
> passing anything other than standard file descriptors to arbitrary  
> subprocesses to be a potential uncontrolled information leak.  There  
> *are* times when you want to care about this, but in general there is  
> a tradeoff between secure and usable so most practical systems take  
> the middle road and make the programmer do fd swizzling by hand if  
> they need special behavior in either direction (either more or less  
> sharing, that is).  (Early Unix, on the other hand, erred toward the  
> permissive/promiscuous, cf. your NetBSD source comparison.)

My source observations may have been ambiguous.  Old NetBSD popen
closed all fds, current NetBSD popen closes only popen fds.

        Donn Cave, [EMAIL PROTECTED]

_______________________________________________
Haskell-Cafe mailing list
Haskell-Cafe@haskell.org
http://www.haskell.org/mailman/listinfo/haskell-cafe

Reply via email to