Re: [dev] [quark] Performance issues

From: Laslo Hunhold <dev_AT_frign.de>
Date: Thu, 26 Sep 2019 08:25:48 +0200

On Wed, 25 Sep 2019 17:03:06 +0200
Markus Wichmann <nullplan_AT_gmx.net> wrote:

Dear Markus,

> You might not, but a library you use might. I remember musl testing
> for open FDs 0, 1, and 2 and opening /dev/null to make up for missing
> FDs. And crashing (deliberately) if that fails. But then, that only
> happens for elevated security contexts, i.e. setuid or "secure" mode
> (which on Linux means "file capabilities set").
>
> /dev/null has the distinction of being the only device POSIX actually
> requires. I don't know what you might use it for. (/dev/tty is
> defined, but optional.)

I didn't know that, very interesting! Thanks for explaining it. Well, it
just shows again how lackluster chroot() is and that the idea of
pledge()/unveil() is superior. A standard library could easily unveil()
the necessary files before program execution, not interfere with
program operation and POSIX would also be happy.

With best regards

Laslo
Received on Thu Sep 26 2019 - 08:25:48 CEST
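
Added example, not part of the original message and not musl's code: a C version of the check described in the quoted text, which tests descriptors 0, 1 and 2 and fills any closed one with /dev/null. The helper name ensure_std_fds is hypothetical; inside a chroot() that lacks /dev/null the open() fails and the helper reports -1, which is the case the thread is about.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical helper (not from musl or quark).
 * Returns how many of fds 0..2 had to be filled in with /dev/null,
 * or -1 if /dev/null could not be opened or duplicated. */
int ensure_std_fds(void)
{
    int fixed = 0;

    for (int fd = 0; fd <= 2; fd++) {
        /* F_GETFD fails with EBADF exactly when fd is not open. */
        if (fcntl(fd, F_GETFD) != -1 || errno != EBADF)
            continue;

        /* open() normally returns the lowest free descriptor, which is
         * fd here; dup2() covers the case where it does not. */
        int nfd = open("/dev/null", O_RDWR);
        if (nfd == -1)
            return -1; /* e.g. chroot without /dev/null */
        if (nfd != fd) {
            if (dup2(nfd, fd) == -1) {
                close(nfd);
                return -1;
            }
            close(nfd);
        }
        fixed++;
    }
    return fixed;
}

int main(void)
{
    /* Assumption: a privileged program runs this before anything else
     * and refuses to continue on failure, as the quoted text describes
     * for the setuid / "secure" mode case. */
    if (ensure_std_fds() == -1)
        abort();
    puts("descriptors 0, 1 and 2 are open");
    return 0;
}
```

Without such a check, the next file a setuid program opens can land on descriptor 2, and anything written to stderr then goes into that file.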
