[PATCH 2/2] Xinit: close stdin to avoid leak of file descriptior to the Xorg session.

Ray Strode halfline at gmail.com
Tue Jul 26 13:34:11 PDT 2011


Hi,

On Tue, Jul 26, 2011 at 4:02 PM, Jeremy Huddleston <jeremyhu at apple.com> wrote:
> IMO, there is a point to closing stdin aside from the setsid(2).
My point is, it only solves the problem part way.

As an example, say a program wants to ask the user for a password.
The program supports asking the user at the console if run from a tty,
and supports asking the user from an X dialog otherwise.  The way that
program would ask the user for a password at the console is by opening
/dev/tty (since password programs don't read input from stdin).  That
program could first try to open /dev/tty, and if it fails assume an X
fall back.  If you haven't insulated the client from the tty startx
was run on, then this program may end up trying to ask for a password
on some switched away VT! and would probably get suspended instantly
with SIGTTIN.  You could argue the client should try X first and fall
back to console.  Or you could argue the client should do isatty() on
stdin before trying to open /dev/tty.  But both are debatable and this
is just one example, anyway.

The example serves to show that redirecting STDIN to /dev/null
partially solves the same problem setsid partially solves.That problem
is "detaching X clients from the tty startx was run on".

Or is there another problem being solved, that you have in mind?

--Ray


More information about the xorg-devel mailing list