>I read throught the good description in FreeBSD's security advisory.
>
>What if you don't want to pass these file descriptors using normal
>standard input, output and standard error -- what is the
>suggested method?

if you (a process) don't want to pass the existing descriptors that
you have connected to 0, 1, and 2 on to a *setuid or setgid*
application, then attach them to /dev/null before you call exec.

if you (a process) are a setuid or setgid application that doesn't
require that 0, 1, and 2 be connected to anything in particular (or
indeed that they be closed), then handle it yourself and don't rely on
your invoker to do it for you.

i, personally, can't think of any cases where the above methodology
would fail.

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."