[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RFC PATCH v2 4/7] csu: Fix standard fds' mode

From: Paul Eggert
Subject: Re: [RFC PATCH v2 4/7] csu: Fix standard fds' mode
Date: Fri, 21 Apr 2023 10:16:40 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0

On 2023-04-20 05:06, Cristian Rodríguez via Libc-alpha wrote:
Exactly, my understanding is that it is a futile exercise ..if one
sufficient privilege at that stage one can do whatever is desired..  why
even bother messing with the standard fds..

Making stdin unreadable is not meant to thwart a root-privileged attacker. As the comment in check_one_fd says, it's merely meant to catch bugs in programs that accidentally (for example) read from standard input even though there is no standard input. If standard input is /dev/null and readable, these buggy programs silently behave as if the input is the empty file, which is likely incorrect. In contrast, if standard input is not readable, these buggy programs will get a read error, which is more likely to cause them to report an error and alert users of the bug.

So let's leave glibc/csu/check_fds.c alone: it serves a useful purpose.

PS. Sorry if this email is duplicate; I had mail server problems.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]