Sumanth Naropanth wrote: > Darren J Moffat wrote on 05/29/09 05:59: >> What happens with open file descriptors ? >> > > The system_noshell*() functions will call posix_spawn(3C) with a NULL > 'file_actions' argument, so the file descriptors open in the calling > process remain open in the child, except for those having the FD_CLOEXEC > flag set. > > We intended to do this the way system(3C) does.
I don't like that behaviour given the point of system_noshell() is to be more secure than system() this could leak to the child process fd's that were opened when the parent used privilege at open(2) time. -- Darren J Moffat
