fcntl.2: Note the race when O_CLOEXEC is used at same time as fork()+execve()

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-04-20 07:59:39 +02:00 · 2014-04-20 07:59:39 +02:00 · 2f4772d2d2
parent 7756d15761
commit 2f4772d2d2
1 changed files with 16 additions and 1 deletions
--- a/man2/fcntl.2
+++ b/man2/fcntl.2
@ -58,7 +58,7 @@
 .\" 2010-06-17, Michael Kerrisk
 .\"	Document F_SETPIPE_SZ and F_GETPIPE_SZ.
 .\"
-.TH FCNTL 2 2014-02-20 "Linux" "Linux Programmer's Manual"
+.TH FCNTL 2 2014-04-20 "Linux" "Linux Programmer's Manual"
 .SH NAME
 fcntl \- manipulate file descriptor
 .SH SYNOPSIS
@ -142,6 +142,21 @@ is ignored.
 .BR F_SETFD " (\fIint\fP)"
 Set the file descriptor flags to the value specified by
 .IR arg .
+.PP
+In multithreaded programs, using
+.BR fcntl ()
+.B F_SETFD
+to set the close-on-exec flag at the same time as another thread performs a
+.BR fork (2)
+plus
+.BR execve (2)
+is vulnerable to a race condition that may unintentionally leak
+the file descriptor to the program executed in the child process.
+See the discussion of the
+.BR O_CLOEXEC
+flag in
+.BR open (2)
+for details and a remedy to the problem.
 .SS File status flags
 Each open file description has certain associated status flags,
 initialized by