>On Wed, Sep 02, 2009 at 07:45:26PM -0400, James Carlson wrote:
>> Yep; good point. I'd still want to do the closes first (to avoid the
>> unnecessary extra failure mode when all fds are in use, as much as is
>> possible).
>
>But even then: it's better to fail without having changed stdin/out/err
>than it is to fail with the wrong or no stdin/out/err.

True; and the new basic privilege "PRIV_FILE_READ" may make it easy to
prevent a process from opening /dev/null.

Casper
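Added example, not part of the original thread: a C helper showing the ordering argued for above, where /dev/null is opened before any descriptor is replaced, so a failed open (no free fd, or the open being refused) leaves stdin/stdout/stderr as they were. The name `redirect_fds` and its signature are hypothetical, chosen for this illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <unistd.h>

/* Hypothetical helper (added example). Opens `path` first and only then
 * replaces the target descriptors with dup2(), which swaps each target
 * in one step, so no target is ever left closed.
 * Returns 0 on success. Returns -1 with errno set on failure; if the
 * failure is the open itself, no target has been touched. */
int redirect_fds(const char *path, const int *targets, size_t n)
{
    int src = open(path, O_RDWR);
    int keep = 0, rc = 0;
    size_t i;

    if (src == -1)
        return -1;      /* all fds in use, open refused, ...: targets intact */

    for (i = 0; i < n; i++) {
        if (targets[i] == src) {
            keep = 1;   /* target was closed and open() landed on its slot */
            continue;
        }
        if (dup2(src, targets[i]) == -1) {
            rc = -1;    /* earlier targets already point at `path` */
            break;
        }
    }

    if (!keep) {
        int saved = errno;
        close(src);     /* the duplicates remain open */
        errno = saved;
    }
    return rc;
}

int main(void)
{
    static const int stdio[] = { STDIN_FILENO, STDOUT_FILENO, STDERR_FILENO };

    /* On failure the exit status reports it; stderr may still be the
     * original one, which is the point of opening first. */
    return redirect_fds("/dev/null", stdio, 3) == 0 ? 0 : 1;
}
```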
