[Linux-HA] File descriptors in heartbeat V1

Alan Robertson alanr at unix.sh
Wed Oct 26 10:04:55 MDT 2005

Simon Rowe wrote:
> On Wednesday 26 Oct 2005 15:02, Alan Robertson wrote:
>> Well... It's only a security problem if they read or write them.  Only
>> the appropriate child processes read or write them.
> If the child process doesn't need them then they should be closed.
>> It's only a resource problem if they were different file descriptors.
>> In the kernel, they're all the same file descriptor - so no additional
>> resources are consumed.
> I was thinking more that it reduces the number of fds a process could open. 
> This isn't an issue in reality because the child processes only need a few 
> fds.


>> It wouldn't be so hard to close the _media_ file descriptors that aren't
>> needed.  But, I don't know of any attacks that can take advantage of
>> them being open.
> You really should close those fds that aren't required, not knowing of any 
> existing attacks isn't a good enough protection. There's nothing to stop 
> someone discovering a vulnerability in the serial plugin and then using to 
> launch a DOS via the ethernet fd.



If you create yourself an account on our bugzilla server, then you can 
add yourself to the CC list for this bug.

     Alan Robertson <alanr at unix.sh>

"Openness is the foundation and preservative of friendship...  Let me 
claim from you at all times your undisguised opinions." - William 

More information about the Linux-HA mailing list