
From: Ricardo Branco <rbranco@suse.de>
Subject: Re: [PATCH]: Add POSIX O_CLOFORK flag
To: Philip Guenther <guenther@gmail.com>
Cc: tech@openbsd.org
Date: Sun, 22 Jun 2025 09:09:13 +0200

On 6/22/25 2:35 AM, Philip Guenther wrote:
> On Sat, Jun 21, 2025 at 4:44 PM Philip Guenther <guenther@gmail.com> wrote:
>> On Sat, Jun 21, 2025 at 4:04 PM Ricardo Branco <rbranco@suse.de> wrote:
>>> This initial patch adds support for POSIX O_CLOFORK (close-on-fork) flag.
>>>
>>> If there's interest, I can update manpages and fill the TODO list in the PR:
>>> https://github.com/openbsd/src/pull/46
>>>
>>> I uploaded the full test-suite from Illumos adapted to OpenBSD there.
>>>
>>> Work also being done to add this flag on:
>>>
>>> - FreeBSD: https://github.com/freebsd/freebsd-src/pull/1698
>>> - DragonflyBSD: https://github.com/DragonFlyBSD/DragonFlyBSD/pull/28
>>>
>>> The discussion for adding this flag was done in the FreeBSD PR.
>> Nope.  I implemented this myself last summer, but after Damien Miller
>> suggested that OpenSSH would want to clear the flag on inherited fds we
>> decided the specified behavior of O_CLOFORK being inherited across
>> exec is insecure, unnecessary for purpose, and kinda insane.  I opened
>> a ticket with austin group:
>>      https://austingroupbugs.net/view.php?id=1851
>>
>> Geoff Clare was going to reach out to other implementations to get
>> feedback but nothing has happened since.  <shrug>
>>
>> Maybe we should say that more than 10 months was sufficient for
>> austin-group to address a potential security issue, in which case I'll
>> rebase my diff, but with clearing the flag on exec because WTH were
>> they thinking.
> Rebased diff, with cleared-on-exec behavior, attached, in case you
> want to play with it, Ricardo.
> Regress tests would be wonderful :)

Thanks.  Will have a look at it.

This flag is already implemented in Solaris / Illumos.

I adapted the Illumos testsuite to *BSD in each PR but plan to extend
the ones we have for CLOEXEC.  But first dig into the ticket.

Best,
Ricardo.
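
Added example, not part of the original message or of either patch: the quoted discussion mentions that a program such as OpenSSH would want to clear the flag on inherited fds when O_CLOFORK survives exec. One way to do that at startup, assuming the POSIX.1-2024 `FD_CLOFORK` descriptor flag handled through `fcntl(F_GETFD/F_SETFD)`; the function name and the bound of 256 are hypothetical.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Assumption: where <fcntl.h> lacks POSIX FD_CLOFORK the mask is 0, so the
 * scan still runs but never finds the flag set. */
#ifndef FD_CLOFORK
#define FD_CLOFORK 0
#endif

/*
 * Clear FD_CLOFORK on every open descriptor in [0, maxfd), leaving
 * FD_CLOEXEC and any other descriptor flags untouched.
 * Returns the number of descriptors changed, or -1 on an fcntl failure.
 */
int clear_inherited_clofork(int maxfd)
{
    int cleared = 0;

    for (int fd = 0; fd < maxfd; fd++) {
        int flags = fcntl(fd, F_GETFD);
        if (flags == -1) {
            if (errno == EBADF)
                continue;               /* slot is not an open descriptor */
            return -1;
        }
        if ((flags & FD_CLOFORK) == 0)
            continue;                   /* nothing to clear on this one */
        if (fcntl(fd, F_SETFD, flags & ~FD_CLOFORK) == -1)
            return -1;
        cleared++;
    }
    return cleared;
}

int main(void)
{
    /* Hypothetical bound; a real program would derive it from its fd limit. */
    int n = clear_inherited_clofork(256);
    if (n < 0) {
        perror("fcntl");
        return 1;
    }
    printf("cleared FD_CLOFORK on %d inherited descriptor(s)\n", n);
    return 0;
}
```

With the cleared-on-exec behaviour described in the quoted reply, a call like this would find nothing to clear after exec.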