diff options
author | Lennart Poettering <lennart@poettering.net> | 2014-10-30 17:05:25 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2014-10-30 17:05:25 +0100 |
commit | dd4540da0e1f983540d862cc657df7161a3bdd06 (patch) | |
tree | 0ab65e93f2f144f00358d05e0e1171f0c4525cf4 /CODING_STYLE | |
parent | memfd: always create our memfds with CLOEXEC set (diff) | |
download | systemd-dd4540da0e1f983540d862cc657df7161a3bdd06.tar.gz systemd-dd4540da0e1f983540d862cc657df7161a3bdd06.tar.bz2 systemd-dd4540da0e1f983540d862cc657df7161a3bdd06.zip |
CODING_STYLE: clarify that we really should use O_CLOEXEC everywhere
Diffstat (limited to 'CODING_STYLE')
-rw-r--r-- | CODING_STYLE | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/CODING_STYLE b/CODING_STYLE index 4439ee609..0b1f809e7 100644 --- a/CODING_STYLE +++ b/CODING_STYLE @@ -190,3 +190,8 @@ - Do not write functions that clobber call-by-reference variables on failure. Use temporary variables for these cases and change the passed in variables only on success. + +- When you allocate a file descriptor, it should be made O_CLOEXEC + right from the beginning, as none of our files should leak to forked + binaries by default. Hence, whenever you open a file, O_CLOEXEC must + be specified, right from the beginning. |