Bug 1254033 - Chapter 9.2 advice on using /proc/self/fd to close file descriptors before execve is dangerously wrong
Summary: Chapter 9.2 advice on using /proc/self/fd to close file descriptors before ex...
Keywords:
Status: CLOSED EOL
Alias: None
Product: Fedora Documentation
Classification: Retired
Component: defensive-coding-guide
Version: devel
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Florian Weimer
QA Contact: Fedora Docs QA
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-08-17 00:35 UTC by Steven Stewart-Gallus
Modified: 2019-11-07 15:30 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2019-11-07 15:30:19 UTC
Embargoed:

Attachments (Terms of Use)

Description Steven Stewart-Gallus 2015-08-17 00:35:21 UTC 
Description of problem:

The documentation advises to open /proc/self/fd after forking and close the file descriptor entries found in there before calling execve. However, in a multi-threaded environment many memory allocators may deadlock after fork (opendir, and readdir may allocate memory.) As well, most commonly programmers implement this by looping over /proc/self/fd while closing file descriptors which is unsafe because it is like looping over a list while removing entries from it at the same time. Instead, one should set the close on execute bit on these file descriptors when looping over the directory entries (probably using the FIONCLEX ioctl for speed.)
Comment 1 Petr Bokoc 2019-11-07 15:30:19 UTC 
I'm closing this bug as part of a Bugzilla cleanup effort. The most likely reason is that the bug has been opened either against a component we no longer publish, or against Release Notes for an EOL release.
Note You need to log in before you can comment on or make changes to this bug.