| Summary: | closefrom_fallback fails when /proc/self/fd is not present, which causes unexpected behavior with openssh | ||
|---|---|---|---|
| Product: | glibc | Reporter: | william.wilson |
| Component: | libc | Assignee: | Not yet assigned to anyone <unassigned> |
| Status: | UNCONFIRMED --- | ||
| Severity: | minor | CC: | adhemerval.zanella, drepper.fsp, michael.hudson |
| Priority: | P2 | ||
| Version: | 2.34 | ||
| Target Milestone: | --- | ||
| Host: | Target: | ||
| Build: | Last reconfirmed: | ||
|
Description
william.wilson
2021-09-22 22:35:58 UTC
I have also created https://bugzilla.mindrot.org/show_bug.cgi?id=3349 to track this with openssh. As Florian has state in the https://bugzilla.mindrot.org/show_bug.cgi?id=3349, there is not much we can do make it work reliable on Linux. The RLIMIT_NOFILE fallback some implementations (such the one used on openssh at openbsd-compat/bsd-closefrom.c) is not possible because it does not really describe the descriptor range, and iterating over all possible file descriptors values (INT_MAX) is prohibitively performance-wise. It might work on openssh since it controls when and how it uses RLIMIT_NOFILE, but it not an option for glibc. So I think it is a fair assumption that if you want to support closefrom() on a kernel without the syscall suppport, you need to provide the another feasible kernel interface to allows it (procfs). Another option is to either abort if /proc can not be opened or remove the fallback (and abort() as well). In any case, I am inclined to close this bug. |