Re: [shadow-maint/shadow] Add cheap defense mechanisms (PR #1171)
From: Alejandro Colomar <alx@kernel.org>
Date: 2025-02-17 09:41:27
Hi, On Sun, Feb 16, 2025 at 06:15:18PM -0800, Karlson2k wrote:
Karlson2k left a comment (shadow-maint/shadow#1171) Doesn't use of glibc extensions break functioning with non-glibc, like musl?
Hmmm, I didn't know musl doesn't support this. It would be interesting to get them to support it. I've CCd several interested parties in this email.
Isn't it safe to use constructs likeshadow = fopen (SGROUP_FILE, "re"); if (NULL == shadow ) shadow = fopen (SGROUP_FILE, "r");?
Is 'e' only available in glibc? Do other libraries consciously not support O_CLOEXEC in fopen(3)? I see that POSIX.1-2024 added the 'e' mode string character, so we're using standard features (yeah, very modern ones, but still standard). Is there any reason to not implement them, or is it just a matter of time and contributors? <https://pubs.opengroup.org/onlinepubs/9799919799/functions/fopen.html>
Or, alternatively, detect extension in `configure`?
If we have to... Have a lovely day! Alex -- <https://www.alejandro-colomar.es/>
Attachments
- signature.asc [application/pgp-signature] 833 bytes