aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2014-10-30 17:05:25 +0100
committerLennart Poettering <lennart@poettering.net>2014-10-30 17:05:25 +0100
commitdd4540da0e1f983540d862cc657df7161a3bdd06 (patch)
tree0ab65e93f2f144f00358d05e0e1171f0c4525cf4 /CODING_STYLE
parentmemfd: always create our memfds with CLOEXEC set (diff)
downloadsystemd-dd4540da0e1f983540d862cc657df7161a3bdd06.tar.gz
systemd-dd4540da0e1f983540d862cc657df7161a3bdd06.tar.bz2
systemd-dd4540da0e1f983540d862cc657df7161a3bdd06.zip
CODING_STYLE: clarify that we really should use O_CLOEXEC everywhere
Diffstat (limited to 'CODING_STYLE')
-rw-r--r--CODING_STYLE5
1 files changed, 5 insertions, 0 deletions
diff --git a/CODING_STYLE b/CODING_STYLE
index 4439ee609..0b1f809e7 100644
--- a/CODING_STYLE
+++ b/CODING_STYLE
@@ -190,3 +190,8 @@
- Do not write functions that clobber call-by-reference variables on
failure. Use temporary variables for these cases and change the
passed in variables only on success.
+
+- When you allocate a file descriptor, it should be made O_CLOEXEC
+ right from the beginning, as none of our files should leak to forked
+ binaries by default. Hence, whenever you open a file, O_CLOEXEC must
+ be specified, right from the beginning.