[Enigmail] xulrunner-ipc leaves file descriptors open in child process?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Mar 20 21:16:11 PDT 2009 

Hi folks--

I've made significant progress in getting xulrunner-ipc to build cleanly
with a relatively simple makefile, to the point where i've event gotten
firegpg 0.7.5 working on GNU/linux on the powerpc(!)  I hope to publish
a bit of my revised build process soon, as i'd like it to be useful to
people other than myself.

I've been exploring its behavior, though, and i'm finding that the
spawned child process appears to retain a copy of all of the file
descriptors of the parent process.  Is this intentional?

Here's an example that i caught during a long-running child process
(this is firegpg creating a key):

> dkg at clam:~$ lsof -p 4333
> COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF   NODE NAME
> gpg     4333  dkg  cwd    DIR  254,3     4096  31746 /home/dkg
> gpg     4333  dkg  rtd    DIR    3,3     1024      2 /
> gpg     4333  dkg  txt    REG  254,2   940384  18117 /usr/bin/gpg
> gpg     4333  dkg  mem    REG    3,3   248532  81615 /lib/libncurses.so.5.7
> gpg     4333  dkg  mem    REG    3,3  1475220  81585 /lib/libc-2.9.so
> gpg     4333  dkg  mem    REG    3,3    39968  81489 /lib/libusb-0.1.so.4.4.4
> gpg     4333  dkg  mem    REG    3,3    13896  81594 /lib/libdl-2.9.so
> gpg     4333  dkg  mem    REG    3,3   255792  81446 /lib/libreadline.so.5.2
> gpg     4333  dkg  mem    REG    3,3    78760 148208 /lib/libbz2.so.1.0.4
> gpg     4333  dkg  mem    REG  254,2    86440  65892 /usr/lib/libz.so.1.2.3.3
> gpg     4333  dkg  mem    REG    3,3    83728  81607 /lib/libresolv-2.9.so
> gpg     4333  dkg  mem    REG    3,3   133784  81443 /lib/ld-2.9.so
> gpg     4333  dkg  mem    REG  254,2  1316224  66851 /usr/lib/locale/locale-archive
> gpg     4333  dkg    0r  FIFO    0,6      0t0 396833 pipe
> gpg     4333  dkg    1w  FIFO    0,6      0t0 396834 pipe
> gpg     4333  dkg    2w  FIFO    0,6      0t0 396835 pipe
> gpg     4333  dkg    3r   CHR    1,9      0t0    911 /dev/urandom
> gpg     4333  dkg    4r   CHR    1,8      0t0    905 /dev/random
> gpg     4333  dkg    6w   REG  254,3        0  32853 /home/dkg/.mozilla/firefox/jevgkzsj.default/.parentlock
> gpg     4333  dkg    7w   REG  254,3        0  32853 /home/dkg/.mozilla/firefox/jevgkzsj.default/.parentlock
> gpg     4333  dkg    8r  FIFO    0,6      0t0 396732 pipe
> gpg     4333  dkg    9r   CHR    1,9      0t0    911 /dev/urandom
> gpg     4333  dkg   10r  FIFO    0,6      0t0 396730 pipe
> gpg     4333  dkg   11r   CHR    1,9      0t0    911 /dev/urandom
> gpg     4333  dkg   12w  FIFO    0,6      0t0 396730 pipe
> gpg     4333  dkg   14w  FIFO    0,6      0t0 396732 pipe
> gpg     4333  dkg   15r   REG  254,2   142439   3147 /usr/share/iceweasel/chrome/en-US.jar
> gpg     4333  dkg   17r   REG  254,2  1910570   3149 /usr/share/iceweasel/chrome/browser.jar
> gpg     4333  dkg   19r   REG  254,2   332551   3036 /usr/share/xulrunner-1.9/chrome/en-US.jar
> gpg     4333  dkg   20r   REG  254,2   399489   3041 /usr/share/xulrunner-1.9/chrome/classic.jar
> gpg     4333  dkg   21r   REG  254,2  1931358   3037 /usr/share/xulrunner-1.9/chrome/toolkit.jar
> gpg     4333  dkg   23r   REG  254,2    39553   3162 /usr/share/iceweasel/chrome/reporter.jar
> gpg     4333  dkg   24r   REG  254,2   548457  69831 /usr/lib/mozilla-extensions/firegpg/chrome/firegpg.jar
> gpg     4333  dkg   25r   REG  254,2   178319   3151 /usr/share/iceweasel/chrome/classic.jar
> gpg     4333  dkg   27w  FIFO    0,6      0t0 396735 pipe
> gpg     4333  dkg   32u   REG  254,3     8468  32877 /home/dkg/.mozilla/firefox/jevgkzsj.default/Cache/_CACHE_MAP_
> gpg     4333  dkg   33r  FIFO    0,6      0t0 396738 pipe
> gpg     4333  dkg   34w  FIFO    0,6      0t0 396738 pipe
> gpg     4333  dkg   38u   REG  254,3     7310  32878 /home/dkg/.mozilla/firefox/jevgkzsj.default/Cache/_CACHE_001_
> gpg     4333  dkg   39u   REG  254,3    19264  32879 /home/dkg/.mozilla/firefox/jevgkzsj.default/Cache/_CACHE_002_
> gpg     4333  dkg   40u   REG  254,3     4096  32880 /home/dkg/.mozilla/firefox/jevgkzsj.default/Cache/_CACHE_003_
> gpg     4333  dkg   42u  IPv4 396823      0t0    TCP clam.lair.fifthhorseman.net:53191->yo-in-f113.google.com:www (CLOSE_WAIT)
> gpg     4333  dkg   48r  FIFO    0,6      0t0 396752 pipe
> gpg     4333  dkg   49w  FIFO    0,6      0t0 396752 pipe
> dkg at clam:~$ 

It seems like most of the open file descriptors are *not* file
descriptors that GnuPG would have opened on its own.  So i can only
assume that the file descriptors are inherited from the parent process.

This seems potentially sloppy -- what if there were three network
connections opened by the parent, and the child process was to start
manipulating them?  What about writing to the cache or adjusting the
already-open files somehow?  Wouldn't it make more sense to close all
file descriptors except the pipes before execing the child process?

Or is there some reason that the child process in xulrunner-ipc should
really have access to all of the parent's file descriptors?

Regards,

	--dkg


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
URL: <http://www.mozdev.org/pipermail/enigmail/attachments/20090321/2ff2af0a/attachment.bin>

More information about the Enigmail mailing list