Subject: Re: Warning message: Why do I care?
To: <>
From: David Laight <david@l8s.co.uk>
List: current-users
Date: 07/19/2002 09:10:02
> Why on earth is it bad to do this?
> What is this warning trying to warn me of?

The 'problem' is that the program you exec might try to write
an error message after it has opened another file (and got fd2).
This could easily corrupt some important file...

Note that even if the program you exec isn't suid it could overwrite
one of your files.  What is more, there are (probably) lurking printf()
and fprintf(stderr,..) calls lurking in library code that can generate
a write(1,...) or write(2,...) onto what they assume to be the
console.

It is far safer to ensure that fd1 and fd2 point to a log file of
some form (or maybe /dev/null) and that fd0 be /dev/null.

A few years ago it took us a considerable time to find out where one
corruption was coming from (a chunk of text being written into a
control pipe that was detected as an invalid message, but had a Gbyte
sized 'trailer'/'payload'.  The daemon then junked everything it was
sent trying to discard the trailer.)  It turned out that the code had
done close(1) not fclose(stdout) and that a sprintf() call had been
erroneously written printf().  Since the string in the 'format' place
didn't contain a LF nothing happened until the stdio buffer became
full.......

	David

-- 
David Laight: david@l8s.co.uk
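
The precaution described in the message above, as an added example that is not part of the original post: before exec, check that descriptors 0, 1 and 2 are open and point any closed one at /dev/null, so a later open() in the exec'd program cannot be handed fd 1 or fd 2. The function names and the wrapper's exit codes are assumptions made for this sketch.

```c
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>

/* Returns 0 if fd was already open, 1 if it was closed and now refers
 * to /dev/null, -1 on error. */
int ensure_fd_open(int fd, int flags)
{
    if (fcntl(fd, F_GETFD) != -1)
        return 0;                    /* already open: leave it alone */
    if (errno != EBADF)
        return -1;
    int nfd = open("/dev/null", flags);
    if (nfd == -1)
        return -1;
    if (nfd != fd) {
        /* open() returns the lowest free descriptor, which is below fd
         * when a lower one is closed too; move it into place. */
        if (dup2(nfd, fd) == -1) {
            close(nfd);
            return -1;
        }
        close(nfd);
    }
    return 1;
}

/* Returns how many of fd0..fd2 had to be repaired, or -1 on error. */
int ensure_std_fds(void)
{
    static const int flags[3] = { O_RDONLY, O_WRONLY, O_WRONLY };
    int repaired = 0;
    for (int fd = 0; fd <= 2; fd++) {
        int r = ensure_fd_open(fd, flags[fd]);
        if (r == -1)
            return -1;
        repaired += r;
    }
    return repaired;
}

/* Wrapper use: sanitise the descriptors, then exec the given command. */
int main(int argc, char **argv)
{
    if (ensure_std_fds() == -1)
        return 111;                  /* constructed exit code */
    if (argc > 1) {
        execvp(argv[1], &argv[1]);
        return 127;                  /* exec failed */
    }
    return 0;
}
```

A daemon that wants its diagnostics kept would open its log file onto fd 1 and fd 2 instead of /dev/null, as the message suggests.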