This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
| Other format: | [Raw text] | |
On 04/14/2018 03:31 PM, Zack Weinberg wrote:
The whole point of this function is to backstop insufficiently defensively programmed suid executables. If they're not themselves taking precautions against fds 0, 1, and 2 being closed, why do we believe they are checking for the unusual errors that will occur as a result of fd 0 being open O_WRONLY, and so on?
We don't believe that. All we believe is that the programs that are checking for errors will get error diagnostics that will help developers diagnose the problem, while the programs that are not checking for errors will get the similar behavior now that they would get under your proposed change.
The proposed change would make sense if it were more helpful for programs that check for errors to get EOF on input and ENOSPC on output, than for them to get EBADF on both input and output. I am skeptical that this would help, though. I think the current behavior is more helpful, since EBADF is more likely to point developers in the right direction that their programs are misusing file descriptors. EOF on input and ENOSPC on output are relatively routine situations that can occur with well-written programs. In contrast, EBADF typically means your program has a bug, and this more-accurately describes the programs in question.
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |