-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 According to Bruno Haible on 7/25/2006 2:05 PM: > Hi Paul, > > When is it recommended to use these *-safer modules? > > What I understand is: If one of the file descriptors 0, 1, 2 is > closed at program startup, and if you later use open() or fopen(), it > might be possible that printf or fprintf statements to stdout or stderr > are directed into this completely unrelated file. > > But when does this occur? Does 'sh' or 'bash' invoke programs in this > state? Does Apache do so when running cgi-bin programs?
It can. POSIX requires [n]>&- and [n]<&- redirection operators to close the respective stream, even when n is 0, 1, or 2. POSIX allows an implementation to supply replacement file descriptors when exec'ing a setuid or setgid program. But in the normal case, implementations really do allow you to start life with any of the three standard streams closed. > > It is regarded as antisocial if a program starts another program with > some file descriptors in O_NONBLOCK mode. Or when a program starts > another program with a nonzero mask of ignored signals (sigprocmask). > Isn't passing closed descriptors 0, 1, or 2, of the same category? Yes, but that doesn't mean GNU programs can't be robust against it. > > And wouldn't there be an easier workaround: At the beginning of main(), > use fcntl() to determine whether 0,1,2 are closed, and if so, replace > them with open("/dev/null") ? Possibly. And if we did, it would make more sense to open fd 0 as write only and fd 1 as read only, to be more likely to catch attempts to use these streams when the user intended them to be closed. But it is nicer to have the error message reflect the actual situation of EBADF. And in some cases, the fact that the stream is closed is harmless (such as cp a b >&-, which produced no output). > > Just asking because I'm wondering whether not using these modules > in GNU gettext leads to bugs. Possibly. See my thread in m4 for the types of bugs I just fixed by using the -safer modules. http://lists.gnu.org/archive/html/bug-m4/2006-07/msg00021.html - -- Life is short - so eat dessert first! Eric Blake [EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.1 (Cygwin) Comment: Public key at home.comcast.net/~ericblake/eblake.gpg Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFExruD84KuGfSFAYARAreyAJwLuG859fNR44VfzT+mo+uwc9+8hgCfb1Uc LwhoCjSNaXYVtk7pjhA24Ak= =NFFm -----END PGP SIGNATURE-----