[PATCH 2/2] Xinit: close stdin to avoid leak of file descriptior to the Xorg session.
Ray Strode
halfline at gmail.com
Tue Jul 26 13:34:11 PDT 2011
Hi,
On Tue, Jul 26, 2011 at 4:02 PM, Jeremy Huddleston <jeremyhu at apple.com> wrote:
> IMO, there is a point to closing stdin aside from the setsid(2).
My point is, it only solves the problem part way.
As an example, say a program wants to ask the user for a password.
The program supports asking the user at the console if run from a tty,
and supports asking the user from an X dialog otherwise. The way that
program would ask the user for a password at the console is by opening
/dev/tty (since password programs don't read input from stdin). That
program could first try to open /dev/tty, and if it fails assume an X
fall back. If you haven't insulated the client from the tty startx
was run on, then this program may end up trying to ask for a password
on some switched away VT! and would probably get suspended instantly
with SIGTTIN. You could argue the client should try X first and fall
back to console. Or you could argue the client should do isatty() on
stdin before trying to open /dev/tty. But both are debatable and this
is just one example, anyway.
The example serves to show that redirecting STDIN to /dev/null
partially solves the same problem setsid partially solves.That problem
is "detaching X clients from the tty startx was run on".
Or is there another problem being solved, that you have in mind?
--Ray
More information about the xorg-devel
mailing list