svn commit: r42869 - head/en_US.ISO8859-1/htdocs/news/status

Gabor Pali pgj at FreeBSD.org
Mon Oct 7 10:10:20 UTC 2013 

Author: pgj
Date: Mon Oct  7 10:10:19 2013
New Revision: 42869
URL: http://svnweb.freebsd.org/changeset/doc/42869

Log:
  - Add Q3 report on atomic close-on-exec
  
  Submitted by:	jilles

Modified:
  head/en_US.ISO8859-1/htdocs/news/status/report-2013-07-2013-09.xml

Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2013-07-2013-09.xml
==============================================================================
--- head/en_US.ISO8859-1/htdocs/news/status/report-2013-07-2013-09.xml	Sun Oct  6 22:40:10 2013	(r42868)
+++ head/en_US.ISO8859-1/htdocs/news/status/report-2013-07-2013-09.xml	Mon Oct  7 10:10:19 2013	(r42869)
@@ -19,7 +19,7 @@
 
     <!-- XXX: keep updating the number of entries -->
     <p>Thanks to all the reporters for the excellent work!  This report
-      contains 17 entries and we hope you enjoy reading it.</p>
+      contains 18 entries and we hope you enjoy reading it.</p>
 
     <!-- XXX: set date for the next set of submissions -->
     <p>The deadline for submissions covering between October and
@@ -897,4 +897,45 @@
 	SDIO-capable slot.</task>
     </help>
   </project>
+
+  <project cat='kern'>
+    <title>Atomic "close-on-exec"</title>
+
+    <contact>
+      <person>
+	<name>
+	  <given>Jilles</given>
+	  <common>Tjoelker</common>
+	</name>
+	<email>jilles at FreeBSD.org</email>
+      </person>
+    </contact>
+
+    <links>
+      <url href="https://wiki.freebsd.org/AtomicCloseOnExec" />
+    </links>
+
+    <body>
+      <p>If threads or signal handlers call <tt>fork()</tt> and
+	<tt>exec()</tt>, file descriptors may be passed undesirably to
+	child processes, which may lead to hangs (if a pipe is not
+	closed), exceeding the file descriptor limit and security
+	problems (if the child process has lower privilege).  One
+	solution is various new APIs that set the "close-on-exec" flag
+	atomically with allocating a file descriptor.  Some existing
+	software will use the new features if present or will even
+	refuse to compile without them.</p>
+
+      <p>With <tt>mkostemp()</tt>, <tt>dup3()</tt>, and a change to
+	modes of <tt>fopen()</tt> and <tt>freopen()</tt>, everything
+	proposed in Austin Group issue #411 has now been implemented.
+	For all POSIX-specified functions that allocate file
+	descriptors, it is possible to request that the new descriptor
+	be set close-on-exec atomically.</p>
+
+      <p>Additionally, many file descriptors used internally by
+	<tt>libc</tt> and <tt>libutil</tt> now have the close-on-exec bit
+	set.</p>
+    </body>
+  </project>
 </report>

More information about the svn-doc-head mailing list