On Thu, 09 Dec 2021 17:03:18 +0100, Stefan Sperling wrote:

> OpenBSD's closefrom(2) man page suggests that things could go wrong
> by way of close(2) failures (such as EINTR). I cannot judge the
> impact of such failures. I suppose an error could leave some files
> open which should be closed before exec(), and leave such files
> exposed to the child process? Could this be triggered deliberately
> by sending signals to the process?

This would only be possible if you use sigaction(2) without setting
SA_RESTART or use signal(3) on systems where restarting syscalls
is not the default (AT&T-derived Unix).

It looks like got uses signal(3), not sigaction(2).  Converting to
sigaction(2) would fix that portability problem.

 - todd