From 699eee62d1b1ad8af1ca944a1b500b6c3096de0d Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 10 Feb 2015 21:25:28 +0100 Subject: CODING_STYLE: elaborate on O_CLOEXEC a bit --- CODING_STYLE | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'CODING_STYLE') diff --git a/CODING_STYLE b/CODING_STYLE index 30d24e56a6..1d1d970492 100644 --- a/CODING_STYLE +++ b/CODING_STYLE @@ -195,4 +195,10 @@ - When you allocate a file descriptor, it should be made O_CLOEXEC right from the beginning, as none of our files should leak to forked binaries by default. Hence, whenever you open a file, O_CLOEXEC must - be specified, right from the beginning. + be specified, right from the beginning. This also applies to + sockets. Effectively this means that all invocations to: + + a) open() must get O_CLOEXEC passed + b) socket() and socketpair() must get SOCK_CLOEXEC passed + c) recvmsg() must get MSG_CMSG_CLOEXEC set + d) F_DUPFD_CLOEXEC should be used instead of F_DUPFD, and so on -- cgit v1.2.3