[Haskell-cafe] Re: Bug in runInteractiveProcess?

Donn Cave donn at drizzle.com
Wed Oct 17 11:18:44 EDT 2007


On Wed, 17 Oct 2007, Brandon S. Allbery KF8NH wrote:
...
> Well, security folks (professional paranoids :) tend to consider  
> passing anything other than standard file descriptors to arbitrary  
> subprocesses to be a potential uncontrolled information leak.  There  
> *are* times when you want to care about this, but in general there is  
> a tradeoff between secure and usable so most practical systems take  
> the middle road and make the programmer do fd swizzling by hand if  
> they need special behavior in either direction (either more or less  
> sharing, that is).  (Early Unix, on the other hand, erred toward the  
> permissive/promiscuous, cf. your NetBSD source comparison.)

My source observations may have been ambiguous.  Old NetBSD popen
closed all fds, current NetBSD popen closes only popen fds.

	Donn Cave, donn at drizzle.com
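The descriptor-inheritance question discussed in this message, as an added example that is not code from the thread, from NetBSD, or from the Haskell libraries. It assumes a POSIX system with `/bin/sh` and `/dev/fd`; the function name, the policy names, and the 1024 cap are hypothetical choices made for the demonstration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

enum fd_policy { INHERIT_ALL, CLOSE_EXTRA_IN_CHILD, MARK_CLOEXEC };

/* Returns 1 if the exec'd command can see `fd`, 0 if it cannot, -1 on error. */
int spawned_command_sees_fd(int fd, enum fd_policy policy)
{
    char cmd[64];
    int status;
    pid_t pid;

    /* The spawned shell reports whether descriptor `fd` is open in it. */
    snprintf(cmd, sizeof cmd, "test -e /dev/fd/%d", fd);
    if (policy == MARK_CLOEXEC) {
        /* Per-descriptor opt-out: the kernel closes it at exec time. */
        int flags = fcntl(fd, F_GETFD);
        if (flags == -1 || fcntl(fd, F_SETFD, flags | FD_CLOEXEC) == -1)
            return -1;
    }
    pid = fork();
    if (pid == -1)
        return -1;
    if (pid == 0) {
        if (policy == CLOSE_EXTRA_IN_CHILD) {
            /* Close everything above stderr before exec, the behaviour the
             * message attributes to old NetBSD popen. 1024 is a cap chosen
             * for this demo; real code would use closefrom()/close_range()
             * where the platform provides them. */
            for (int i = STDERR_FILENO + 1; i < 1024; i++)
                close(i);
        }
        execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
        _exit(127);                       /* exec itself failed */
    }
    if (waitpid(pid, &status, 0) == -1 || !WIFEXITED(status))
        return -1;
    if (WEXITSTATUS(status) == 127)
        return -1;
    return WEXITSTATUS(status) == 0;
}

int main(void)
{
    int p[2];                             /* constructed "extra" descriptors */
    if (pipe(p) == -1)
        return 1;
    printf("inherit all: %d\n", spawned_command_sees_fd(p[0], INHERIT_ALL));
    printf("close extra: %d\n", spawned_command_sees_fd(p[0], CLOSE_EXTRA_IN_CHILD));
    printf("close-on-exec: %d\n", spawned_command_sees_fd(p[1], MARK_CLOEXEC));
    return 0;
}
```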


