From: "Todd C. Miller" <Todd.Miller@sudo.ws>
Subject: Re: [PATCH portable] portable: build closefrom unconditionally
To: Stefan Sperling <stsp@stsp.name>
Cc: Anna “CyberTailor” <cyber+misc@sysrq.in>, gameoftrees@openbsd.org
Date: Thu, 09 Dec 2021 09:40:14 -0700

On Thu, 09 Dec 2021 17:03:18 +0100, Stefan Sperling wrote:

> OpenBSD's closefrom(2) man page suggests that things could go wrong
> by way of close(2) failures (such as EINTR). I cannot judge the
> impact of such failures. I suppose an error could leave some files
> open which should be closed before exec(), and leave such files
> exposed to the child process? Could this be triggered deliberately
> by sending signals to the process?

This would only be possible if you use sigaction(2) without setting
SA_RESTART or use signal(3) on systems where restarting syscalls
is not the default (AT&T-derived Unix).

It looks like got uses signal(3), not sigaction(2).  Converting to
sigaction(2) would fix that portability problem.

 - todd