Junio C Hamano wrote: > Johannes Sixt <j.sixt@xxxxxxxxxxxxx> writes: > >> Paolo Bonzini schrieb: >>> + /* >>> + * Always open file descriptors 0/1/2 to avoid clobbering files >>> + * in die(). It also avoids not messing up when the pipes are >>> + * dup'ed onto stdin/stdout/stderr in the child processes we spawn. >>> + */ >> I see your point, but I don't have an opinion whether this stretch is >> necessary. > > This is going too far. Have you seen any other sane program that do this? Busybox. But it runs setuid, as Steven pointed out. I say it's all (i.e. be this paranoid), or nothing. Paolo -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
