Le 09/12/2020 10:40, Christian Brauner a écrit :
On Wed, Dec 09, 2020 at 09:50:38AM +0100, Michael Kerrisk (man-pages)
wrote:
> +.PP
> +.I flags
> +can be set to
> +.B CLOSE_RANGE_UNSHARE
> +to unshare the range of file descriptors from any other processes,
> +.I instead
> +of closing them.
Really "instead of closing them"? I had supposed that rather that this
should be "before closing them". That's also how the kernel code reads
to me, from a quick glance.
It's also mentioned in the commit message. Basically setting
CLOSE_RANGE_UNSHARE is equivalent to:
unshare(CLONE_FILES);
close_range(<start>, <end>);
Yes, I got that mixed up, thanks for the clarification! I'll send a v2
addressing the review comments later today.
Regards,
Stephen
