From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mailbackend.panix.com (mailbackend.panix.com [166.84.1.89]) by sourceware.org (Postfix) with ESMTPS id 0F1DC38708C0 for ; Wed, 19 Aug 2020 17:46:37 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 0F1DC38708C0 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=panix.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=zackw@panix.com Received: from mail-ej1-f53.google.com (mail-ej1-f53.google.com [209.85.218.53]) by mailbackend.panix.com (Postfix) with ESMTPSA id 4BWwFS4gdFz1XPR for ; Wed, 19 Aug 2020 13:46:36 -0400 (EDT) Received: by mail-ej1-f53.google.com with SMTP id jp10so27352122ejb.0 for ; Wed, 19 Aug 2020 10:46:36 -0700 (PDT) X-Gm-Message-State: AOAM532xbKtGIhLroqwDV/kxxMoJJ1PpHl8IDSfjwGlkxYi2THDWueoc Atnc814wivnt4PeHKvA1iZ8A0ijGGm/BlObUVw0= X-Google-Smtp-Source: ABdhPJwW4qrwwAhLCU2NPaRDWTF293t1Hv2oirkloRpL/+EV5QiOIhwnN/8ET5tw+8VwX5770efgbUWpG/r80cphe/8= X-Received: by 2002:a17:906:1cd3:: with SMTP id i19mr5298713ejh.552.1597859194844; Wed, 19 Aug 2020 10:46:34 -0700 (PDT) MIME-Version: 1.0 References: <20200819124124.17481-1-arsen@aarsen.me> In-Reply-To: From: Zack Weinberg Date: Wed, 19 Aug 2020 13:46:23 -0400 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v2] Ensure standard file descriptors are open on start To: Joseph Myers Cc: =?UTF-8?Q?Arsen_Arsenovi=C4=87?= , GNU C Library Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_00, JMQ_SPF_NEUTRAL, KAM_DMARC_STATUS, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=no autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Aug 2020 17:46:38 -0000 On Wed, Aug 19, 2020 at 12:28 PM Joseph Myers wro= te: > On Wed, 19 Aug 2020, Arsen Arsenovi=C4=87 via Libc-alpha wrote: > > > ISO C requires that standard input, output and error are always open on > > program startup. > > ISO C doesn't talk about file descriptors at all. The objects stdin, > stdout and stderr need to be initialized, but it's fine for all I/O on > them to fail. > > > + /* Ensure the standard streams are opened, as required by POSIX and = C. For > > + dynamic programs this is already handled in the dynamic loader. = */ > > Please give specific references, not just "as required by POSIX and C". > What exactly do you think requires these descriptors to be open? Are you raising a hard objection to this change, Joseph? I think it makes sense just on QoI grounds. Specifically, the reason we already do this for set-ID programs (it could be very bad if the program accidentally writes to a file that it didn't expect to be assigned fd 1 or 2) seems to apply nearly as well to ordinary programs (it's not a _security_ issue but it could still cause data loss). zw