[pkg-lighttpd] Bug#446324: lighttpd: stderr not closed

Olaf van der Spek Olaf at XWIS.Net
Thu Nov 1 11:18:40 UTC 2007


Michal Čihař wrote:
>> My guess is that this code is opening fd 3 (stdout is fd 1, stderr is fd 
>> 2) and not closing it. Then Lighttpd inherits fd 3 and doesn't close it 
>> either. I've no idea who is supposed to close it though.
> 
> Well I think lighttpd should close all open fds, 

Why? Doesn't POSIX or another standard indicate who should close them?
Not leaking them in the first place would be even more secure I think.

 > it's just good for
> security reasons anyway and I think I've seen this in some daemon (maybe
> ssh, I'm not sure).

That's true, but how does the daemon know which fds are open and which 
are not and which ones should be closed?





More information about the pkg-lighttpd-maintainers mailing list