Re: [PATCH] be paranoid about closed stdin/stdout/stderr

["Stephen R. van den Berg" <srb@xxxxxxx>]

Junio C Hamano wrote:
>Junio C Hamano <gitster@xxxxxxxxx> writes:
>I think
>	$ git fetch 0<&-
>from the command line is a mere user stupidity.

>On the other hand, if a cron/at job that contains "git fetch" is launched
>in an environment with fd#0 (or #1 or #2 for that matter) closed, it would
>certainly be problematic.  It can easily be worked around by redirecting
>file descriptors appropriately in the script that is launched, though.

A sane cron environment always has proper 0, 1 and 2 descriptors.
This basically goes with rule #2: if your cron doesn't have 0, 1 and 2
open, you have big problems already, so camouflaging those problems
is not going to help the user.

>On a related note, we should make sure that we run our hooks with the set
>of low file descriptors opened sensibly.  It would be a bug if we are
>running them in a weird environment and forcing them to do funky
>redirection themselves.  I think we are already Ok in this regard, but I
>didn't check.

Agreed, but this is the responsibility of anyone launching other
processes (cleanup, then launch).
-- 
Sincerely,
           Stephen R. van den Berg.

"Good moaning!"
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html