This is the mail archive of the libc-help@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: What is GLibc's policy on what is safe to use after a fork from a multithreaded program?

From: Florian Weimer <fweimer at redhat dot com>
To: Steven Stewart-Gallus <sstewartgallus00 at mylangara dot bc dot ca>, libc-help at sourceware dot org
Date: Fri, 29 Aug 2014 17:11:31 +0200
Subject: Re: What is GLibc's policy on what is safe to use after a fork from a multithreaded program?
Authentication-results: sourceware.org; auth=none
References: <fc17f0ed4ec8 dot 53ffbf5e at langara dot bc dot ca>

On 08/29/2014 01:46 AM, Steven Stewart-Gallus wrote:

POSIX conformance constrains one to only use async-signal-safe
functions after a fork from a mulithreaded program.  More practically,
fork fucks with state such as the PID, pending signals, timers,
outstanding asynchronous I/O operations and locks that threads are
holding onto.  I need to fork from a multithreaded program and do
complicated things such as sandboxing a process with non
async-signal-safe functions such as mount, syscall, unshare, umount2
and setgroups (I can't exec a helper process because that drops
capabilities automatically).


Do you eventually call exec?

If yes, it's could be worthwhile to extend posix_spawn, assuming thatagreement can be reached about a useful set of new actions.


--
Florian Weimer / Red Hat Product Security

Follow-Ups:
- Re: What is GLibc's policy on what is safe to use after a fork from a multithreaded program?
  - From: Steven Stewart-Gallus

References:
- What is GLibc's policy on what is safe to use after a fork from a multithreaded program?
  - From: Steven Stewart-Gallus

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]