*Lots* of applications make use of POSIX semantics for fork() / exec().
This doesn't mean much. We're talking about inheritance of FDs > 2 upon exec, which is a very limited subset of "POSIX semantics for fork() / exec()".
I personally think that there's been enough feedback to show that we should stick with the default POSIX behavior, however broken it is...
Can someone please point to a writeup of the security issues involved?
I've posted sample code earlier in this thread, but here's a writeup by Ulrich Drepper: http://udrepper.livejournal.com/20407.html
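
The inheritance of FDs > 2 across exec that this thread argues about, as an added example that is not part of the thread or of any poster's sample code: a parent holds a descriptor and spawns a child, once with the POSIX default (inheritable) and once with close-on-exec set. It assumes Python 3.4 or later on a POSIX system, where new descriptors are non-inheritable by default, so the flag is set explicitly to reproduce the POSIX default; `child_sees_fd` and `CHILD` are hypothetical names.

```python
import fcntl
import os
import subprocess
import sys

# Child program: exit 0 if the fd number passed in argv[1] is open, 1 if not.
CHILD = (
    "import os, sys\n"
    "try:\n"
    "    os.fstat(int(sys.argv[1]))\n"
    "except OSError:\n"
    "    sys.exit(1)\n"
)


def child_sees_fd(inheritable):
    """Exec a child and report whether it inherited the parent's descriptor."""
    r, w = os.pipe()  # constructed stand-in for a sensitive fd (socket, key file)
    # Move the read end to a high number so it cannot collide with an fd the
    # child interpreter opens for itself.
    fd = fcntl.fcntl(r, fcntl.F_DUPFD, 100)
    try:
        # True  -> FD_CLOEXEC clear: the POSIX default, fd survives exec.
        # False -> FD_CLOEXEC set: the kernel closes the fd at exec time.
        os.set_inheritable(fd, inheritable)
        # close_fds=False stops subprocess from closing fds > 2 itself, so
        # only the close-on-exec flag decides what the child receives.
        proc = subprocess.run(
            [sys.executable, "-c", CHILD, str(fd)], close_fds=False
        )
        return proc.returncode == 0
    finally:
        for f in (fd, r, w):
            os.close(f)


if __name__ == "__main__":
    print("POSIX default, child sees fd:", child_sees_fd(True))
    print("close-on-exec, child sees fd:", child_sees_fd(False))
```
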