On 2012-12-14 at 21:22 +0100, Michael Haardt wrote:
> > It's "flush all stdio streams which might have buffered data", which
> > seems appropriate before a security boundary transition.
>
> I know what it does, but why is it needed? Which stdio files are open at
> that time? If we don't know, how can we be sure that their descriptors
> should be inherited?
Actually, I mis-spoke: it was because of the fork(). C code I write
always does a fflush(NULL) before a fork(), to ensure that content
doesn't get doubled. I think I picked this habit up from a W. Richard
Stevens book (not sure, it's been too many years). It's that, more than
anything about any particular I/O stream.
Looking briefly at the codepaths, it looks like some logs going to
stderr may be in buffers at the point of the fork. I don't have time to
investigate further at this point.
Seriously, much as I'd be happy to see Sun4 compatibility restored[*], if
ANSI C stdio is to be avoided at this level, we may be in the territory
of "patches needed to build".
Regards,
-Phil
[*] My first serious Unix usage was SunOS 4, I have a soft spot in my
heart for it. But I can be a callous b'stard if needed.
