From: Ricardo Branco
Subject: Re: [PATCH]: Add POSIX O_CLOFORK flag
To: Philip Guenther
Cc: tech@openbsd.org
Date: Sun, 22 Jun 2025 09:09:13 +0200

On 6/22/25 2:35 AM, Philip Guenther wrote:
> On Sat, Jun 21, 2025 at 4:44 PM Philip Guenther wrote:
>> On Sat, Jun 21, 2025 at 4:04 PM Ricardo Branco wrote:
>>> This initial patch adds support for POSIX O_CLOFORK (close-on-fork) flag.
>>>
>>> If there's interest, I can update manpages and fill the TODO list in the PR:
>>> https://github.com/openbsd/src/pull/46
>>>
>>> I uploaded the full test-suite from Illumos adapted to OpenBSD there.
>>>
>>> Work also being done to add this flag on:
>>>
>>> - FreeBSD: https://github.com/freebsd/freebsd-src/pull/1698
>>> - DragonflyBSD: https://github.com/DragonFlyBSD/DragonFlyBSD/pull/28
>>>
>>> The discussion for adding this flag was done in the FreeBSD PR.
>> Nope. I implemented this myself last summer, but after Damien Miller
>> suggested that OpenSSH would want to clear the flag on inherited fds we
>> decided the specified behavior of O_CLOFORK being inherited across
>> exec is insecure, unnecessary for purpose, and kinda insane. I opened
>> a ticket with austin group:
>> https://austingroupbugs.net/view.php?id=1851
>>
>> Geoff Clare was going to reach out to other implementations to get
>> feedback but nothing has happened since.
>>
>> Maybe we should say that more than 10 months was sufficient for
>> austin-group to address a potential security issue, in which case I'll
>> rebase my diff, but with clearing the flag on exec because WTH were
>> they thinking.
> Rebased diff, with cleared-on-exec behavior, attached, in case you
> want to play with it, Ricardo.
> Regress tests would be wonderful :)

Thanks.  Will have a look at it.

This flag is already implemented in Solaris / Illumos.

I adapted the Illumos test suite to *BSD in each PR but plan to extend
the ones we have for CLOEXEC.  But first dig into the ticket.

Best,
Ricardo.