Really wierd 'more' interaction with 'newrole' and stderr...
Michael Sweet
mike at easysw.com
Fri May 26 17:53:47 UTC 2006
Valdis.Kletnieks at vt.edu wrote:
> On Fri, 26 May 2006 13:27:56 EDT, Stephen Smalley said:
>
>> Hmm...they used to be O_RDWR, but Steve Grubb submitted a patch that
>> changed them a while back as part of a general cleanup of newrole. If
>> programs expect stdout and stderr to be rw, then I suppose newrole needs
>> to open them that way, although it does seem odd to read from your error
>> stream.
>
> It can't read from stdin, because that might be in use:
>
> grep foo bar* | more
>
> And most shells open stderr as R/W, so reading from that works.
>
> One can certainly argue that stderr *should* be write-only, and programs
> using stderr for reading should probably be fixed to open /dev/tty and use
> that instead. But not knowing whether it's just this one odd program,
> or lots of them, I can't really say.
> ...
But don't programs like "more" open /dev/tty?
--
______________________________________________________________________
Michael Sweet, Easy Software Products mike at easysw dot com
Internet Printing and Document Software http://www.easysw.com
More information about the fedora-selinux-list
mailing list