Bug 802027 - [RFE] Add option -D_FORCE_OCLOEXEC
[RFE] Add option -D_FORCE_OCLOEXEC
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: glibc (Show other bugs)
rawhide
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Jeff Law
Fedora Extras Quality Assurance
: Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-03-10 06:11 EST by Daniel Walsh
Modified: 2012-06-08 16:33 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-06-08 16:33:34 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Daniel Walsh 2012-03-10 06:11:19 EST
In my blog 
http://danwalsh.livejournal.com/53603.html

I was complaining about leaking file descriptors.

One of the comments suggests:
 
"Most current software actually need O_CLOEXEC as default behaviour, unfortunately there is no "magic" -D_FORCE_OCLOEXEC ( like FORTIFY_SOURCE) or a compiler flag -fcloexec .. that would make the task for distributions so much easier..."

What do you think?  

Or at least an option where leaking FD > 2 (STDERR) would be blocked.
Comment 1 David Martinez 2012-06-08 11:44:36 EDT
Daniel, after reading your blog post I changed the component from glibc to gcc (I think this was your original intention).

A philosophical question: isn't the "right" thing to do to modify calls to open(), etc in source to include the correct flags instead of forcing it on the backend?  Could this new feature have negative implications in other scenarios? (asking out of ignorance)
Comment 2 Jakub Jelinek 2012-06-08 11:53:27 EDT
Please don't change the component, gcc really has nothing to do with that.
Comment 3 Jeff Law 2012-06-08 16:33:34 EDT
I don't think changing the default behavior like this is a wise idea.  Folks that want this behaviour relaly need to ask for it explicitly.

Note You need to log in before you can comment on or make changes to this bug.