[Python-Dev] PEP 433: Add cloexec argument to functions creating file descriptors
Victor Stinner
victor.stinner at gmail.com
Mon Jan 14 15:08:24 CET 2013
2013/1/14 Nick Coghlan <ncoghlan at gmail.com>:
> I'm a fan of the conservative approach, with an environment variable
> and command line option to close FDs by default in 3.4 (similar to
> PYTHONHASHSEED and -R in the pre-3.3 security releases), and the
> cloexec/noinherit behaviour becoming the default (with no way to turn
> it off globally) in 3.5.
Do you mean "environment variable and command line option" *instead
of* a new sys.setdefaultcloexec() function?
An environment variable and a command line option have an advantage
over a function: libraries cannot modify the value at runtime (so 2
libraries cannot set different values :-)).
2013/1/14 Nick Coghlan <ncoghlan at gmail.com>:
> Turning off a security feature implicitly isn't a good idea. If
> someone passes such a descriptor, their child application will fail
> noisily - it's then up to the developer to decide if they passed the
> wrong file descriptor, or simply need to ensure the one they passed
> remains open in the child process.
For my subprocess/pass_fds comment: I wrote it initially while the PEP
was proposing to setting close-on-exec flag by default. I will move
this comment to the "Set close-on-exec flag by default".
Victor
More information about the Python-Dev
mailing list