[PATCH]: Add POSIX O_CLOFORK flag
On 6/24/25 7:31 AM, Theo Buehler wrote:
> On Tue, Jun 24, 2025 at 07:24:08AM +0200, Ricardo Branco wrote:
>>
>> On 6/24/25 6:10 AM, Philip Guenther wrote:
>>> On Sat, Jun 21, 2025 at 4:44 PM Philip Guenther <guenther@gmail.com> wrote:
>>> ...
>>>> Nope. I implemented this myself last summer, but after Damien Miller
>>>> suggested that OpenSSH would want to clear the flag on inherited fds we
>>>> decided the specified behavior of O_CLOFORK being inherited across
>>>> exec is insecure, unnecessary for purpose, and kinda insane. I opened
>>>> a ticket with austin group:
>>>> https://austingroupbugs.net/view.php?id=1851
>>>>
>>>> Geoff Clare was going to reach out to other implementations to get
>>>> feedback but nothing has happened since. <shrug>
>>>>
>>>> Maybe we should say that more than 10 months was sufficient for
>>>> austin-group to address a potential security issue, in which case I'll
>>>> rebase my diff, but with clearing the flag on exec because WTH were
>>>> they thinking.
>>> Alan Coopersmith has reported in the ticket that while Solaris 11.3
>>> implemented the POSIX behavior, they talked internally and Solaris
>>> 11.4.78 changed to my proposal, clearing the flag on exec.
>>>
>>>
>>> Philip Guenther
>> I submitted a PR to OmniOS and asked if the oclo tests could be
>> relicensed to BSD. Also asked Oxide Computers separately via email.
>>
>> Awaiting response.
>>
>> https://github.com/omniosorg/illumos-omnios/pull/1589
> If these tests are good and worth running (as they probably are given
> the source), we can always place the .c files into a port and have the
> regress tests depend on that port.

How can I do this?

Extending current tests is not worth it, imo. These tests are more than enough...

Still waiting for a response if they can relicense them to BSD though.

Best,
Ricardo.