Re: [PATCH][RFC] Remove CLONE_FILES from init kernel threadcreation

From: Andrew Morton
Date: Mon Nov 17 2003 - 15:50:18 EST


James Morris <jmorris@xxxxxxxxxx> wrote:
>
> The patch below removes the CLONE_FILES flag from the kernel_thread() call
> which starts init.
>
> This is to prevent other kernel threads from sharing file descriptors
> opened by init (try 'lsof /dev/initctl' on a 2.6 system :-).
>
> The reason this patch is being proposed is so that usermode helper apps
> launched via kernel threads (e.g. modprobe, hotplug) do not then inherit
> any such file descriptors. This is not a problem in itself so far (other
> than being messy), but it is a problem for SELinux, which will otherwise
> need to grant access to /dev/initctl by modprobe and hotplug, a somewhat
> undesirable scenario.
>
> As far as I can tell, there is no reason why init needs to be spawned with
> CLONE_FILES. Please let me know if there are any objections to the
> change, which I would like to propose for 2.6.0+ as a cleanup.
>

No, I can't think of a reason why we'd need CLONE_FILES in there. I'll
toss it in and see what breaks.

I wonder why call_usermodehelper() uses CLONE_FILES...


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/