> The SocketServer class creates a socket to listen on clients, and a > new socket per client (only for stream server like TCPServer, not for > UDPServer). > > Until recently (2011-05-24, issue #5715), the listening socket was not > closed after fork for the ForkingMixIn flavor. This caused two issues: > it's a security leak, and it causes "address already in use" error if > the server is restarted (see the first message of #12107 for an > example with Django).
Note that the server socket is actually still not closed in the child process: one this gets fixed, setting FD_CLOEXEC will not be useful anymore (but it would be an extra security it it could be done atomically, especially against race conditions in multi-threaded applications). (Same thing for the client socket, which is actually already closed in the parent process). As for the backward compatibility issue, here's a thought: subprocess was changed in 3.2 to close all FDs > 2 in the child process by default. AFAICT, we didn't get a single report complaining about this behavior change. OTOH, we did get numerous bug reports due to FDs inherited by subprocesses before that change. (I know that Python >= 3.2 is less widespread than its predecessors, but still). _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com