[tor-bugs] #2029 [Tor Relay]: Set FD_CLOEXEC on all open file descriptors so that they are closed on exec()
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sat Oct 9 15:48:41 UTC 2010
#2029: Set FD_CLOEXEC on all open file descriptors so that they are closed on
exec()
-----------------------+----------------------------------------------------
Reporter: sjmurdoch | Owner: sjmurdoch
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor Relay | Version:
Keywords: | Parent: #1775
-----------------------+----------------------------------------------------
Tor currently does not set FD_CLOEXEC on files it opens, so any child
processes (e.g. tor-fw-helper) inherit open files. This is bad, so
currently we try to guess the largest open file handle and close
everything up to it, but this is icky and probably not reliable.
We should call fcntl(fd, F_SETFD, FD_CLOEXEC) on any files we open to
avoid needing to do this. This will require finding all the cases where
Tor and its libraries create a file descriptor, so not just open but also
pipe, dup/dup2, socket, etc...
Tor currently does not exec anything except tor-fw-helper, so this should
not affect anything else.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2029>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list