[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Wed, 12 Nov 2014 09:29:39 -0500
> ... yeah, I have to agree with you there. I think by now all library
> calls that create file descriptors should be setting the close-on-exec
> flag, right? That's been around forever. Although I'm not sure
> O_CLOEXEC has been around forever, has it? I know the fcntl()
> equivalent has. We should go through and audit all open() calls and set
> the FD_CLOEXEC flag where appropriate.
O_CLOEXEC has been in Linux since 2.6.23. I'm stuck on at least
one system (CentOS 5.9) that's older.
As part of the audit, it would be really nice to wrap all open()
calls so we can take care of this in one place. We could then
easily autoconf check for O_CLOEXEC if desired. We wrap the
alloc family and that's been very helpful.
> >(Is 255 fixed? File descriptors can run far higher on some systems, and
> >closing them all can take time, e.g. Apache used to suffer from this.
> >The BSDs added http://manned.org/closefrom.2 to lessen the calls, but it
> >still tramples willy-nilly.)
> It looks like it's based on OPEN_MAX ... which is kind of bogus.
All of that is funneled through one function, closefds(), so
easy to fix (remove in this case).
- [Nmh-workers] O_CLOEXEC,
David Levine <=