RFR: JDK-8271858: Handle to jimage file inherited into child processes (posix)
Alan Bateman
alanb at openjdk.java.net
Thu Aug 5 13:16:45 UTC 2021
On Wed, 4 Aug 2021 12:22:24 GMT, Thomas Stuefe <stuefe at openjdk.org> wrote:
> We should not leak the handle to the jimage file (lib/modules) to childs.
>
> JDK-8194734 did solve this for windows. We should use FD_CLOEXEC on Posix as well.
>
> Note that this only poses a problem when a child process is spawned off not via `Runtime.exec` but via another route since the spawnhelper closes all file descriptors.
>
> ---
> test:
>
> manually verified that lib/modules now has the FD_CLOEXEC flag set.
src/java.base/unix/native/libjimage/osSupport_unix.cpp line 41:
> 39: */
> 40: jint osSupport::openReadOnly(const char *path) {
> 41: return ::open(path, O_CLOEXEC);
This is okay but I think it would be useful to know why this one place needs O_CLOEXEC and not others.
-------------
PR: https://git.openjdk.java.net/jdk/pull/4991
More information about the core-libs-dev
mailing list