From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 30 Oct 2014 16:05:25 +0000 (+0100)
Subject: CODING_STYLE: clarify that we really should use O_CLOEXEC everywhere
X-Git-Tag: v218~658
X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=dd4540da0e1f983540d862cc657df7161a3bdd06

CODING_STYLE: clarify that we really should use O_CLOEXEC everywhere
---

diff --git a/CODING_STYLE b/CODING_STYLE
index 4439ee609..0b1f809e7 100644
--- a/CODING_STYLE
+++ b/CODING_STYLE
@@ -190,3 +190,8 @@
 - Do not write functions that clobber call-by-reference variables on
   failure. Use temporary variables for these cases and change the
   passed in variables only on success.
+
+- When you allocate a file descriptor, it should be made O_CLOEXEC
+  right from the beginning, as none of our files should leak to forked
+  binaries by default. Hence, whenever you open a file, O_CLOEXEC must
+  be specified, right from the beginning.