In my blog http://danwalsh.livejournal.com/53603.html I was complaining about leaking file descriptors. One of the comments suggests: "Most current software actually need O_CLOEXEC as default behaviour, unfortunately there is no "magic" -D_FORCE_OCLOEXEC ( like FORTIFY_SOURCE) or a compiler flag -fcloexec .. that would make the task for distributions so much easier..." What do you think? Or at least an option where leaking FD > 2 (STDERR) would be blocked.
Daniel, after reading your blog post I changed the component from glibc to gcc (I think this was your original intention). A philosophical question: isn't the "right" thing to do to modify calls to open(), etc in source to include the correct flags instead of forcing it on the backend? Could this new feature have negative implications in other scenarios? (asking out of ignorance)
Please don't change the component, gcc really has nothing to do with that.
I don't think changing the default behavior like this is a wise idea. Folks that want this behaviour relaly need to ask for it explicitly.