Subject: Re: poll(2) oddity
To: None <tech-userlevel@netbsd.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-userlevel
Date: 07/08/2002 08:50:27
> Given that some programs close all high numbered fds, I'm sure there
> is a lurking security issue if you set rlimit(NO_FILES) to below one
> of their open files - since it won't get closed.

> OTOH I haven't spotted anything useful (yet).

I have actually (ab)used that.  I had a program that did the
close-all-open-files thing, but wanted to sneak SSH_AUTHENTICATION_FD
past it.  So I diddled ssh_agent to put the fd high up, and then set
rlimit(NOFILE) lower than that.

Of course, several people will doubtless explain why this was a wrong
answer, for whatever value of "wrong", but it did what I wanted at the
time, which makes it right in some pragmatic sense....

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
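
The pitfall discussed in this message, as an added example that is not part of the original post: a cleanup loop bounded by the current RLIMIT_NOFILE soft limit misses a descriptor sitting above a lowered limit, while enumerating /dev/fd closes it. HIGH_FD, LOW_LIMIT and the function names are constructed for illustration, and the code assumes a system that provides /dev/fd.

```c
#include <dirent.h>
#include <fcntl.h>
#include <stdlib.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

#define HIGH_FD 100   /* constructed: descriptor parked above the limit */
#define LOW_LIMIT 32  /* constructed: lowered soft RLIMIT_NOFILE */

/* Flawed cleanup: trusts the current soft limit as the upper bound. */
static void close_by_rlimit(int lowfd) {
    struct rlimit rl;
    if (getrlimit(RLIMIT_NOFILE, &rl) != 0) return;
    for (int fd = lowfd; fd < (int)rl.rlim_cur; fd++) close(fd);
}

/* Hardened cleanup: close what is actually open, as listed in /dev/fd. */
static int close_by_enumeration(int lowfd) {
    DIR *d = opendir("/dev/fd");
    if (d == NULL) return -1;
    for (struct dirent *e; (e = readdir(d)) != NULL;) {
        char *end;
        long fd = strtol(e->d_name, &end, 10);
        if (end == e->d_name || *end != '\0') continue; /* "." and ".." */
        if (fd >= lowfd && fd != dirfd(d)) close((int)fd);
    }
    closedir(d);
    return 0;
}

/* In a child: 1 if HIGH_FD survived the cleanup, 0 if closed, -1 on error. */
int high_fd_survives(int hardened) {
    int st, src;
    struct rlimit rl;
    pid_t pid = fork();
    if (pid == 0) {
        src = open("/dev/null", O_RDONLY);
        if (src < 0 || dup2(src, HIGH_FD) < 0 || getrlimit(RLIMIT_NOFILE, &rl)) _exit(2);
        rl.rlim_cur = LOW_LIMIT;  /* limit lowered while HIGH_FD is already open */
        if (setrlimit(RLIMIT_NOFILE, &rl) != 0) _exit(2);
        if (hardened ? close_by_enumeration(3) : (close_by_rlimit(3), 0)) _exit(2);
        _exit(fcntl(HIGH_FD, F_GETFD) != -1);  /* 1 = descriptor still open */
    }
    if (pid < 0 || waitpid(pid, &st, 0) < 0 || !WIFEXITED(st) || WEXITSTATUS(st) > 1) return -1;
    return WEXITSTATUS(st);
}

int main(void) { return high_fd_survives(1) != 0; } /* nonzero exit if the hardened cleanup leaks */
```

Where the platform offers closefrom(3) or an equivalent, that does the same job as the enumeration without depending on /dev/fd.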