tech-security: Re: fd 0/1/2

Subject: Re: fd 0/1/2
To: None <tech-security@netbsd.org>
From: Jeremy C. Reed <reed@reedmedia.net>
List: tech-security
Date: 05/15/2002 08:56:10

> >If you do get a warning message:
> >
> >set{u,g}id pid 17149 (exim-4.04-1) was invoked b y uid 104 ppid 209 (exim-4.04-1) with fd 0,1,2 closed

So the above I assume was logged by new kernel.

(And "exim-4.04-1" was the actual binary executable name.)

> >what should you do about it?
>
> either of:
>
> (1) ignore it
> (2) fix exim

I read throught the good description in FreeBSD's security advisory.

What if you don't want to pass these file descriptors using normal
standard input, output and standard error -- what is the
suggested method?

What is a good code example?

Thanks,

   Jeremy C. Reed
   http://www.reedmedia.net/