Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:90984 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 77489 invoked from network); 27 Jan 2016 19:47:48 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 27 Jan 2016 19:47:48 -0000 Authentication-Results: pb1.pair.com header.from=php@dennis.birkholz.biz; sender-id=unknown Authentication-Results: pb1.pair.com smtp.mail=php@dennis.birkholz.biz; spf=unknown; sender-id=unknown Received-SPF: unknown (pb1.pair.com: domain dennis.birkholz.biz does not designate 144.76.185.252 as permitted sender) X-PHP-List-Original-Sender: php@dennis.birkholz.biz X-Host-Fingerprint: 144.76.185.252 mx01.nexxes.net Received: from [144.76.185.252] ([144.76.185.252:54631] helo=mx01.nexxes.net) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 8E/BB-28185-2EE19A65 for ; Wed, 27 Jan 2016 14:47:47 -0500 Received: from [192.168.178.29] (xdsl-87-78-41-54.netcologne.de [87.78.41.54]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: db220660-p0g-1@packages.nexxes.net) by mx01.nexxes.net (Postfix) with ESMTPSA id 53470482501; Wed, 27 Jan 2016 20:47:43 +0100 (CET) To: Julien Pauli , Yasuo Ohgaki , 'PHP Internals' References: X-Enigmail-Draft-Status: N1110 Message-ID: <56A91EDE.60405@dennis.birkholz.biz> Date: Wed, 27 Jan 2016 20:47:42 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] Bug #67383 exec() leaks file and socket descriptors to called program From: php@dennis.birkholz.biz Hi all, Am 27.01.2016 um 15:01 schrieb Julien Pauli: > On Wed, Jan 27, 2016 at 1:03 PM, Yasuo Ohgaki wrote: >> Hi all, >> >> This bug comes to my attention. >> https://bugs.php.net/bug.php?id=67383 >> >> This report includes patch that prevents file descriptor leaks. >> https://bugs.php.net/patch-display.php?bug_id=67383&patch=SOCK_CLOEXEC-and-FD_CLOEXEC&revision=latest >> >> There may be cases that CLOEXEC cannot be applied blindly, but it >> seems this fixes lots of bugs including very old bugs. >> Why this patch is not merged and closed? >> >> Regards, >> >> -- >> Yasuo Ohgaki >> yohgaki@ohgaki.net >> >> -- >> PHP Internals - PHP Runtime Development Mailing List >> To unsubscribe, visit: http://www.php.net/unsub.php >> > > Hi, > > Great catch. > > We already have many CLOEXEC, but we seem to be missing lots of them. > > There is a note however, in bug ticket 67383, about a problem in FPM > with CLOEXEC, which should be qualified and addressed. > Just don't apply blindly the patch. I think this patch is going to far. I agree any socket that is created by the sapi should be opened with SOCK_CLOEXEC. But in userland it must be possible to keep a socket open when forking, otherwise it is a big BC issue. At least the changes in ext/socket/socket.c, main/streams/plain_wrapper.c and main/fopen_wrappers.c change userland socket behavior in a not-compatible way. Maybe a fcntl wrapper which allows to enable/disable the SOCK_CLOEXEC flag should be introduced (in the next minor) and later (maybe in 8) userland sockets could be opened with SOCK_CLOEXEC set (as a security thing) with a workaround available for manual forking and keeping the sockets open. Greets Dennis