On Tue, Oct 22, 2013 at 09:27:18PM +0200, Stefani Seibold wrote: > This patch will increase security since no developers can review all libraries > which there are using. Also in a team of developers it is not always possible > to have a full survey over the code which is produced. Or the output of a code > generators and so one. This patch allows a kind of preventive measures. > > It can also prevent resource occupation. Imagine a long running process (a > daemon) is execute from the application after open some file desciptors. For > example libpcsclite.so will not open the socket with SOCK_CLOEXEC. Or a device > driver which alows only a single open. In both cases the resource cannot > reopened after a close. Sigh! > > What do you think? That it's a bad idea. Not to mention anything else, the same unreviewed libraries can get buggered if the program sets that "global close-on-exec" and it's not at all obvious whether the breakage from that change will be less or more dangerous than leaking opened files to children. Al, fully expecting the Linux S-M crowd to jump on that one and come up with yet another one-shot LSM... ;-/ -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
