On Wed, Feb 25, 2015 at 02:27:30PM -0800, Alan Coopersmith wrote: > Solaris has the ancient support for setting the FD_CLOEXEC flag via > fcntl() in all versions, and the more recent support for the O_CLOEXEC > flag to open() in Solaris 11 and later, but does not yet support the > "e" flag to fopen(). (I've filed an enhancement request to add it to > our libc in the future, but that doesn't help today.) > > I believe the most portable way to do this is: > > if (!(addfp = fopen (addAuthFile, "w"))) > goto bad; > else > fcntl(fileno(addfp), F_SETFD, FD_CLOEXEC); > > That would be subject to race conditions in multi-threaded processes, as > described in https://udrepper.livejournal.com/20407.html, so not safe in > libraries or programs which deliberately start multiple threads, but since > xsm is not one of those, it should be mostly safe. (Not completely, because > we can't be sure nothing we called in a library didn't start a thread behind > the scenes to handle one of our requests, but without an "e" flag everywhere, > I'm not sure what more we can do. I have no idea how to write a configure > check to test for fopen(..., "e") support either.)
Ok, so let's use fcntl for now, new patch attached. Thomas
>From e8ea2f72fdb8c6ab38fd8a7b76865695065283cf Mon Sep 17 00:00:00 2001 From: Thomas Klausner <w...@netbsd.org> Date: Wed, 25 Feb 2015 22:22:50 +0100 Subject: [PATCH:xsm] Close file descriptors on exec. Signed-off-by: Thomas Klausner <w...@netbsd.org> --- auth.c | 4 ++++ choose.c | 2 ++ lock.c | 1 + remote.c | 3 ++- restart.c | 1 + saveutil.c | 3 +++ 6 files changed, 13 insertions(+), 1 deletion(-) diff --git a/auth.c b/auth.c index 5b3bcac..6f355c2 100644 --- a/auth.c +++ b/auth.c @@ -156,24 +156,28 @@ SetAuthentication(int count, IceListenObj *listenObjs, if (!(addfp = fopen (addAuthFile, "w"))) goto bad; + (void)fcntl(fileno(addfp), F_SETFD, FD_CLOEXEC); if ((remAuthFile = unique_filename (path, ".xsm")) == NULL) goto bad; if (!(removefp = fopen (remAuthFile, "w"))) goto bad; + (void)fcntl(fileno(removefp), F_SETFD, FD_CLOEXEC); #else if ((addAuthFile = unique_filename (path, ".xsm", &fd)) == NULL) goto bad; if (!(addfp = fdopen(fd, "wb"))) goto bad; + (void)fcntl(fileno(addfp), F_SETFD, FD_CLOEXEC); if ((remAuthFile = unique_filename (path, ".xsm", &fd)) == NULL) goto bad; if (!(removefp = fdopen(fd, "wb"))) goto bad; + (void)fcntl(fileno(removefp), F_SETFD, FD_CLOEXEC); #endif if ((*authDataEntries = (IceAuthDataEntry *) XtMalloc ( diff --git a/choose.c b/choose.c index 6459b61..4ec80c3 100644 --- a/choose.c +++ b/choose.c @@ -98,6 +98,8 @@ GetSessionNames(int *count_ret, String **short_names_ret, if ((dir = opendir (path)) == NULL) return 0; + (void)fcntl(dirfd(dir), F_SETFD, FD_CLOEXEC); + count = 0; while ((entry = readdir (dir)) != NULL) diff --git a/lock.c b/lock.c index 84c0ee3..7fba1d3 100644 --- a/lock.c +++ b/lock.c @@ -121,6 +121,7 @@ GetLockId(const char *session_name) { return (NULL); } + (void)fcntl(fileno(fp), F_SETFD, FD_CLOEXEC); buf[0] = '\0'; fscanf (fp, "%255s\n", buf); diff --git a/remote.c b/remote.c index 54d95ac..1fe1b45 100644 --- a/remote.c +++ b/remote.c @@ -111,7 +111,8 @@ remote_start(const char *restart_protocol, const char *restart_machine, default: /* parent */ close (pipefd[0]); - fp = (FILE *) fdopen (pipefd[1], "w"); + (void)fcntl(pipefd[1], F_SETFD, FD_CLOEXEC); + fp = fdopen (pipefd[1], "w"); fprintf (fp, "CONTEXT X\n"); fprintf (fp, "DIR %s\n", cwd); diff --git a/restart.c b/restart.c index 57663a5..6aae637 100644 --- a/restart.c +++ b/restart.c @@ -543,6 +543,7 @@ StartDefaultApps (void) exit (1); } } + (void)fcntl(fileno(f), F_SETFD, FD_CLOEXEC); buf = NULL; buflen = 0; diff --git a/saveutil.c b/saveutil.c index 091763a..f8a7171 100644 --- a/saveutil.c +++ b/saveutil.c @@ -72,6 +72,7 @@ ReadSave(const char *session_name, char **sm_id) *sm_id = NULL; return 0; } + (void)fcntl(fileno(f), F_SETFD, FD_CLOEXEC); if (verbose) printf("Reading session save file...\n"); @@ -319,6 +320,7 @@ WriteSave(const char *sm_id) } else { + (void)fcntl(fileno(f), F_SETFD, FD_CLOEXEC); fprintf (f, "%d\n", SAVEFILE_VERSION); fprintf (f, "%s\n", sm_id); @@ -431,6 +433,7 @@ DeleteSession(const char *session_name) if(!f) { return (0); } + (void)fcntl(fileno(f), F_SETFD, FD_CLOEXEC); buf = NULL; buflen = 0; -- 2.3.0
_______________________________________________ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel