[Python-Dev] Proposal for a new function "open_noinherit" to avoid problems with subprocesses and security risks
"Martin v. Löwis"
martin at v.loewis.de
Sat Jun 30 19:24:41 CEST 2007
> I think the best place for it would be as a new method "set_noinherit"
> for file and socket objects or as a new function in the os module
> (thus the implementation should probably be rewritten at the C level).
Indeed. Can you come up with a C implementation of it?
I think it should be a function in the posix/nt module, expecting
OS handles; the function in the os module could additionally support
sockets and file objects also in a polymorphic way.
> This works until the queue is full (whose size was specified in
> listen()). THEN the client will get (10061, 'Connection refused');
> as you already explained.
That's for accept, yes. For send, you can continue sending until
the TCP window closes (plus some unspecified amount of local
buffering the OS might do).
> However, sometimes a subprocess might crash or hang.
> Now what happens if the server program is closed and then started
> again? On Linux, no problem (more or less). When the server program
> is closed, the subprocess will be killed by the OS (I think), and
> the socket is released (perhaps with a few minutes delay).
That's not true. The child process can run indefinitely even though
the parent process has terminated. You may be thinking of SIGHUP,
which is sent to all processes when the user logs out of
the terminal.
Regards,
Martin
More information about the Python-Dev
mailing list