On Thu, 10 Jan 2013 12:59:02 +0100, Victor Stinner email@example.com wrote:
2013/1/10 Charles-François Natali firstname.lastname@example.org:
Disclaimer: I'm not saying we should be changing all FDs to close-on-exec by default like Ruby did, I'm just saying that there's a real problem.
I changed my mind, the PEP does not propose to change the *default* behaviour (don't set close-on-exec by default).
But the PEP proposes to *add a function* to change the default behaviour. Application developers taking care of security can set close-on-exec by default, but they may have to fix bugs (add cloexec=False argument, call os.set_cloexec(fd, True)) because something may expect an inherited file descriptor.
Do you have an example of what that "something" may be? Apart from standard streams, I can't think of any inherited file descriptor an external program would want to rely on.
In other words, I think close-on-exec by default is probably a reasonable decision.
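An added illustration, not part of the original thread, of what the close-on-exec flag decides when a child process is executed. It uses `os.set_inheritable` from Python 3.4+ rather than the `os.set_cloexec` function proposed in the thread, assumes a POSIX system, and the helper names and child script are constructed for the example.

```python
import fcntl
import os
import subprocess
import sys

# Child program (constructed for this example): reports whether the fd
# number passed in argv[1] is still open after exec.
CHILD = (
    "import os, sys\n"
    "try:\n"
    "    os.fstat(int(sys.argv[1]))\n"
    "    print('open')\n"
    "except OSError:\n"
    "    print('closed')\n"
)

def new_fd_default_inheritable():
    """Return the inheritable flag of a freshly created pipe end."""
    r, w = os.pipe()
    try:
        return os.get_inheritable(r)
    finally:
        os.close(r)
        os.close(w)

def child_sees_fd(inheritable):
    """Exec a child with one extra fd and return what the child observes."""
    r, w = os.pipe()
    # Move the fd to a high number so it cannot collide with anything the
    # child interpreter opens for itself during startup.
    fd = fcntl.fcntl(r, fcntl.F_DUPFD, 100)
    try:
        os.set_inheritable(fd, inheritable)  # False means FD_CLOEXEC is set
        result = subprocess.run(
            [sys.executable, "-c", CHILD, str(fd)],
            close_fds=False,  # leave the decision to the per-fd flag
            stdout=subprocess.PIPE,
            check=True,
        )
        return result.stdout.decode().strip()
    finally:
        for f in (r, w, fd):
            os.close(f)

if __name__ == "__main__":
    print("new fd inheritable by default:", new_fd_default_inheritable())
    print("inheritable=True  ->", child_sees_fd(True))
    print("inheritable=False ->", child_sees_fd(False))
```

Code that relies on a child receiving a descriptor other than the standard streams has to opt in per descriptor, which is the kind of fix the thread anticipates.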