bind9 doesn't close extra fds
paul at vix.com
Wed Sep 4 06:16:34 UTC 2002
> > we could keep closing until fd>_SC_OPEN_MAX or the number of failed
> > closes due to EBADF exceeded some threshold (42 being my favourite.)
> This seems like a kluge.
the number "42" should have been your first clue in that regard.
> If we agree with W. Richard Stevens et. al. that daemons should close
> all unneeded file descriptors, then BIND should do it Right instead of
> doing what seems to be Good Enough.
> How about making the default behavior for BIND to close all fds up to
> _SC_OPEN_MAX, but provide the user with the equivalent of a
> "DontBlameSendmail" flag. E.g.: ...
when i ran into the first system where _SC_OPEN_MAX was 2**24-1, i decided
that the standard unix behaviour was just flat out wrong, and that closing
anything other than stdin/stdout/stderr was the responsibility of the exec'er.
More information about the bind-workers