[krbdev.mit.edu #6062] better handling of close-on-exec race

Ken Raeburn via RT rt-comment at krbdev.mit.edu
Tue Aug 5 03:55:22 EDT 2008 

Newer Linux kernels (and I guess glibc versions) are getting support  
for having new file descriptors have the close-on-exec flag set from  
the start, eliminating the race condition.  We probably want a similar  
fix -- wrappers for open, fopen, accept, and so on, that use these  
hooks if present, and otherwise perform the traditional operation and  
then set close-on-exec as quickly as possible.

Begin forwarded message:

> From: Andrew Bartlett <abartlet at samba.org>
> Date: August 4, 2008 19:58:46 EDT
> To: Love Hörnquist Åstrand <lha at kth.se>
> Cc: heimdal-discuss <heimdal-discuss at sics.se>
> Subject: Re: [Heimdal-source-changes] heimdal r23441 - trunk/heimdal/ 
> lib/roken
> Reply-To: heimdal-discuss at sics.se, Andrew Bartlett  
> <abartlet at samba.org>
> X-Spam-Score: 0.13
>
> On Mon, 2008-07-28 at 08:26 +0100, Love Hörnquist Åstrand wrote:
>> 28 jul 2008 kl. 01.15 skrev Andrew Bartlett:
>>
>>> On Sun, 2008-07-27 at 14:05 +0200, lha at it.su.se wrote:
>>>> Author: lha
>>>> Name: Love Hrnquist strand
>>>> Date: 2008-07-27 14:05:11 +0200 (Sun, 27 Jul 2008)
>>>> Repository: heimdal
>>>> Repository Path:/afs/su.se/services/svn/heimdal
>>>> New Revision: 23441
>>>>
>>>> Added:
>>>>  trunk/heimdal/lib/roken/cloexec.c
>>>> Log:
>>>> Wrapper function for close on exec().
>>>
>>> Is this really the right way to do this?
>>>
>>> Given that recent Linux has a completely race-free way of handling
>>> this,
>>> shouldn't this be added to a roken version of open(), emulated on
>>> other
>>> systems?
>>
>> We need to to do it for socket/fopen/opendir too, and I rather not
>> sprinkle that 5 lines all over the place.
>>
>> That said, we should pass in O_CLOEXEC to open(2) calls too (just  
>> like
>> we do with O_BINARY).
>>
>> Thanks for point O_CLOEXEC out, I had totally missed that.
>
> Just to keep you busy, this should summarise all the calls and the way
> they have been adjusted to avoid this race:
>
> http://udrepper.livejournal.com/20407.html
>
> Andrew Bartlett
> -- 
> Andrew Bartlett
> http://samba.org/~abartlet/
> Authentication Developer, Samba Team           http://samba.org
> Samba Developer, Red Hat Inc.

More information about the krb5-bugs mailing list