[PATCH v2] Ensure standard file descriptors are open on start

[Florian Weimer]

* Adhemerval Zanella via Libc-alpha:

> But is it really a useful hardening, even for SUID binaries?  The 
> check_one_fd only check if the file descriptor is opened and redirects
> it to /dev/full otherwise.  It does really 'protect' if a constructor
> or a LD_PRELOAD redirects the STD*_FILENO to something else.

The protection is against messages intended for standard input and
standard error showing up in explicitly open files (which would
otherwise receive descriptors 3 and higher).  This is not too
far-fetched, given that such messages could well have parts that are
under control of a different user.