Page MenuHomePhabricator

eio_monitor_kevent leaks monitored fds into child processes
Open, HighPublic

Description

https://git.enlightenment.org/core/efl.git/tree/src/lib/eio/eio_monitor_kevent.c#n274

Paths to be monitored should be open O_CLOEXEC so that they are not leaked when child processes are spawned. In particular, it cannot possibly be helpful for these fds to be copied into child processes — the kqueue itself is not. (It's a special kind of file that is essentially always-CLOEXEC.)

This is especially noticeable when using Terminology, as it spawns a shell which inherits these open fds and passes them along to spawned child processes as well. On FreeBSD you can see this in terminology quite easily:

$ procstat -f $$
  PID COMM                FD T V FLAGS    REF  OFFSET PRO NAME
17509 zsh               text v r r-------   -       - -   /usr/local/bin/zsh-5.6.2
17509 zsh               ctty v c rw------   -       - -   /dev/pts/20
17509 zsh                cwd v d r-------   -       - -   /xxx
17509 zsh               root v d r-------   -       - -   /
17509 zsh                  0 v c rw------   6    7756 -   /dev/pts/20
17509 zsh                  1 v c rw------   6    7756 -   /dev/pts/20
17509 zsh                  2 v c rw------   6    7756 -   /dev/pts/20
...
17509 zsh                 15 v d r-------   5       0 -   /xxx/.elementary/config/standard
17509 zsh                 16 v d r-------   5       0 -   /xxx/.elementary/config
...

(Where "/xxx" is the user home directory.)

The solution is quite trivial: add O_CLOEXEC to open() flags in eio_monitor_backend_add().

c created this task.Tue, Nov 27, 3:02 PM
c triaged this task as High priority.
c updated the task description. (Show Details)Tue, Nov 27, 3:03 PM

@netstar can you have a look at this ? :)