Claudio Jeker <cjeker@diehard.n-r-g.com> wrote:

> This reasoning is somewhat wrong. Privsep fork/exec daemons should use
> O_CLOEXEC all the time. Not doing so is a bug. closefrom() is for the
> cases where you have no clue what fds where inherited and the process just
> wants a "clean" slate.
> In some cases one can not use O_CLOEXEC but then the parent should call
> fcntl F_SETFD with FD_CLOEXEC after.

I agree completely.

closefrom() was invented to copy a fd close loop in the shells, because unfixable
fd polution was discovered in some code by the Solaris team (first), so they
wanted the close loop, but with less expense.  So a system call was born which
didn't need to keep hunting for the highest fd's to close.

It is the wrong thing in almost all other cases.  There is no justification
to get sloppy because closefrom() exists.  It's the other way around.