Obviate need for doing a CLOEXEC on pipes: just close them before exec

This commit is contained in:
Nick Mathewson 2010-11-20 01:24:30 -05:00
parent e669d25e43
commit b4f56dd4c6

View File

@ -2986,7 +2986,7 @@ tor_spawn_background(const char *const filename, int *stdout_read,
child_state = CHILD_STATE_REDIRECT; child_state = CHILD_STATE_REDIRECT;
/* Link stdin to /dev/null */ /* Link stdin to /dev/null */
fd = open("/dev/null", O_RDONLY); fd = open("/dev/null", O_RDONLY); /* NOT cloexec, obviously. */
if (fd != -1) if (fd != -1)
dup2(STDIN_FILENO, fd); dup2(STDIN_FILENO, fd);
else else
@ -2994,12 +2994,19 @@ tor_spawn_background(const char *const filename, int *stdout_read,
child_state = CHILD_STATE_CLOSEFD; child_state = CHILD_STATE_CLOSEFD;
/* Close all other fds, including the read end of the pipe */ close(stderr_pipe[0]);
/* XXX: use closefrom if available, or better still set FD_CLOEXEC close(stderr_pipe[1]);
on all of Tor's open files */ close(stdout_pipe[0]);
for (fd = STDERR_FILENO + 1; fd < max_fd; fd++) close(stdout_pipe[1]);
close(fd); close(fd);
/* Close all other fds, including the read end of the pipe */
/* XXX: We should now be doing enough FD_CLOEXEC setting to make
* this needless. */
for (fd = STDERR_FILENO + 1; fd < max_fd; fd++) {
close(fd);
}
child_state = CHILD_STATE_EXEC; child_state = CHILD_STATE_EXEC;
/* Call the requested program. We need the cast because /* Call the requested program. We need the cast because