CODING_STYLE: elaborate on O_CLOEXEC a bit

author Lennart Poettering <lennart@poettering.net>

Tue, 10 Feb 2015 20:25:28 +0000 (21:25 +0100)

committer Lennart Poettering <lennart@poettering.net>

Tue, 10 Feb 2015 20:25:38 +0000 (21:25 +0100)
author Lennart Poettering <lennart@poettering.net>
Tue, 10 Feb 2015 20:25:28 +0000 (21:25 +0100)
committer Lennart Poettering <lennart@poettering.net>
Tue, 10 Feb 2015 20:25:38 +0000 (21:25 +0100)
diff --git a/CODING_STYLE b/CODING_STYLE

index 30d24e56a6e1fa4ec9e40896f47096451b629f7b..1d1d97049257332671706b1810169feabc1000c4 100644 (file)
--- a/CODING_STYLE
+++ b/CODING_STYLE
@@ -195,4 +195,10 @@
  - When you allocate a file descriptor, it should be made O_CLOEXEC
    right from the beginning, as none of our files should leak to forked
    binaries by default. Hence, whenever you open a file, O_CLOEXEC must
-  be specified, right from the beginning.
+  be specified, right from the beginning. This also applies to
+  sockets. Effectively this means that all invocations to:
+
+  a) open() must get O_CLOEXEC passed
+  b) socket() and socketpair() must get SOCK_CLOEXEC passed
+  c) recvmsg() must get MSG_CMSG_CLOEXEC set
+  d) F_DUPFD_CLOEXEC should be used instead of F_DUPFD, and so on
author	Lennart Poettering <lennart@poettering.net>
	Tue, 10 Feb 2015 20:25:28 +0000 (21:25 +0100)
committer	Lennart Poettering <lennart@poettering.net>
	Tue, 10 Feb 2015 20:25:38 +0000 (21:25 +0100)