forked from OSchip/llvm-project
19 lines
423 B
ReStructuredText
19 lines
423 B
ReStructuredText
.. title:: clang-tidy - android-cloexec-dup
|
|
|
|
android-cloexec-dup
|
|
===================
|
|
|
|
The usage of ``dup()`` is not recommended, it's better to use ``fcntl()``,
|
|
which can set the close-on-exec flag. Otherwise, an opened sensitive file would
|
|
remain open across a fork+exec to a lower-privileged SELinux domain.
|
|
|
|
Examples:
|
|
|
|
.. code-block:: c++
|
|
|
|
int fd = dup(oldfd);
|
|
|
|
// becomes
|
|
|
|
int fd = fcntl(oldfd, F_DUPFD_CLOEXEC);
|