Bug#410671: iceweasel: firefox leaks filehandles to external applications

Sun Oct 2 11:20:34 UTC 2011

Hi,

how about using O_CLOEXEC when opening files or sockets?

From the manual page open(2):

   O_CLOEXEC (Since Linux 2.6.23)
          Enable the close-on-exec  flag  for  the  new  file  descriptor.
          Specifying  this  flag  permits  a  program  to avoid additional
          fcntl(2) F_SETFD operations to set the FD_CLOEXEC  flag.   Addi-
          tionally,  use  of  this flag is essential in some multithreaded
          programs since using a separate fcntl(2)  F_SETFD  operation  to
          set  the  FD_CLOEXEC  flag does not suffice to avoid race condi-
          tions where one thread opens a file descriptor at the same  time
          as another thread does a fork(2) plus execve(2).

Bye, Jörg.
-- 
Damit das Mögliche entsteht, muß immer wieder das Unmögliche versucht
werden.                                       (Hermann Hesse)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature http://en.wikipedia.org/wiki/OpenPGP
URL: <http://lists.alioth.debian.org/pipermail/pkg-mozilla-maintainers/attachments/20111002/2a068aec/attachment.pgp>