document fd 0-2 scheme for setuid/setgid

author: deraadt <deraadt@openbsd.org> 1998-07-02 09:08:53 +0000
committer: deraadt <deraadt@openbsd.org> 1998-07-02 09:08:53 +0000
commit: f3a5bf5becfff9f4a41a3893abf8aa5802fc5ece (patch)
tree: 5e3b07d73eadf8881450631020494ac05a9edb05 /lib/libc/sys
parent: I suppose debugging code can be removed (diff)
download: wireguard-openbsd-f3a5bf5becfff9f4a41a3893abf8aa5802fc5ece.tar.xz
wireguard-openbsd-f3a5bf5becfff9f4a41a3893abf8aa5802fc5ece.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/libc/sys/execve.2 b/lib/libc/sys/execve.2
index de7a0dc8ee2..023d232d499 100644
--- a/lib/libc/sys/execve.2
+++ b/lib/libc/sys/execve.2
@@ -115,6 +115,13 @@ and
 .Xr fcntl 2 ) .
 Descriptors that remain open are unaffected by
 .Fn execve .
+In the case of a new setuid or setgid executable being executed, if
+file descriptors 0, 1, or 2 (representing stdin, stdout, and stderr)
+are currently unallocated, these descriptors will be opened to point to
+some system file like
+.Pa /dev/null .
+The intent is to ensure these descriptors are not unallocated, since
+many libraries make assumptions about the use of these 3 file descriptors.
 .Pp
 Signals set to be ignored in the calling process are set to be ignored in
 the
author	deraadt <deraadt@openbsd.org>	1998-07-02 09:08:53 +0000
committer	deraadt <deraadt@openbsd.org>	1998-07-02 09:08:53 +0000
commit	f3a5bf5becfff9f4a41a3893abf8aa5802fc5ece (patch)
tree	5e3b07d73eadf8881450631020494ac05a9edb05 /lib/libc/sys
parent	I suppose debugging code can be removed (diff)
download	wireguard-openbsd-f3a5bf5becfff9f4a41a3893abf8aa5802fc5ece.tar.xz wireguard-openbsd-f3a5bf5becfff9f4a41a3893abf8aa5802fc5ece.zip