You know what’s dumb about Unix?
If you don’t inherit a standard error stream, the first file you open becomes standard error.
@alexbuzzbee yeah, and this is nicely abusable with setuid programs
$ some-setuid-program --foo=invalid-but-controlled-value 2>&-
@bugaevc Is there standard practice for preventing this kind of attack?
@alexbuzzbee I haven't heard of a standard practice, but it should be simple enough, e.g.
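int fd;
do {  /* fill any closed descriptor among 0, 1, 2 with /dev/null */
    fd = open("/dev/null", O_RDWR);
} while (fd >= 0 && fd <= 2);  /* stop on error or once fd is past stderr */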
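Added example, not part of the thread: a C version of the check discussed above, meant to be called at the start of main() before the program opens any file. The helper name ensure_std_fds is an assumption of this example; it leaves descriptors that are already open untouched and fails if /dev/null cannot be opened.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical helper (name chosen for this example): make sure
 * descriptors 0, 1 and 2 are open, pointing any closed one at /dev/null.
 * Returns 0 on success, -1 if a descriptor could not be filled. */
int ensure_std_fds(void)
{
    for (int fd = 0; fd <= 2; fd++) {
        if (fcntl(fd, F_GETFD) != -1)
            continue;                 /* already open: leave it alone */
        if (errno != EBADF)
            return -1;
        /* open() returns the lowest free descriptor, which is fd here
         * because every descriptor below it is known to be open */
        int nfd = open("/dev/null", O_RDWR);
        if (nfd == -1)
            return -1;
        if (nfd != fd) {              /* slot was taken concurrently */
            close(nfd);
            return -1;
        }
    }
    return 0;
}

int main(void)
{
    /* Call before any other open(), so no later file can land on 0..2 */
    if (ensure_std_fds() != 0)
        _exit(1);                     /* stderr may be closed: no message */

    /* Stand-in for the first file the program opens */
    int fd = open("/dev/null", O_WRONLY);
    printf("first file opened got descriptor %d\n", fd);
    return fd > 2 ? 0 : 1;
}
```

Running the compiled program with `2>&-` prints a descriptor above 2, since the closed slot has been filled with /dev/null before the first real open().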