[Python-Dev] Proposal for a new function "open_noinherit" to avoid problems with subprocesses and security risks
"Martin v. Löwis"
martin at v.loewis.de
Sat Jun 23 21:34:55 CEST 2007
> One fix is to always use subprocess.Popen and specify that
> close_fd=True, which wasn't difficult for me, but I can imagine that
> an easy way to set close-on-exec would be simpler in other cases.
I think the complaint is not so much about simplicity, but correctness.
close_fd also closes stdin/stdout/stderr, which might be undesirable
and differs from POSIX.
In any case, providing a uniform set-close-on-exec looks fine to me,
provided it is implementable on all interesting platforms.
I'm -0 on adding "n" to open, and -1 for adding if it means to
reimplement fopen.
Regards,
Martin
More information about the Python-Dev
mailing list