I realize this bugreport cannot fix 35 years of a bad design decision in linux. That&#39;s not the intention (that&#39;s a gordian knot I *will* be keeping a safe distance from). The intention is to create a saner default situation for most python programs.<div>

<br></div><div>Christophe<br><br><div class="gmail_quote">2011/5/20 Charles-François Natali <span dir="ltr">&lt;<a href="mailto:report@bugs.python.org">report@bugs.python.org</a>&gt;</span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">

<br>
Charles-François Natali &lt;<a href="mailto:neologix@free.fr">neologix@free.fr</a>&gt; added the comment:<br>
<br>
Hello Christophe,<br>
<br>
First and foremost, I think that the FD_CLOEXEC approach is terminally broken, as it should have been the default in Unix. Now, we&#39;re stuck with this bad design.<br>
But we can&#39;t simply change the default to FD_CLOEXEC, for two reasons:<br>
- we can&#39;t silently change the Unix semantics<br>
- this is going to break some applications: for example, FD inherited across exec is used by super servers such as inetd, and there are others very legitimate uses<br>
<div class="im"><br>
&gt;  in the class TCPServer<br>
&gt;  add the following 2 lines in __init__ after self.socket = socket( ...:<br>
&gt;    flags = fcntl.fcntl(self.socket, fcntl.F_GETFD)<br>
&gt;    fcntl.fcntl(self.socket, fcntl.F_SETFD, flags | fcntl.FD_CLOEXEC)<br>
<br>
</div>There are at least two problems with this approach:<br>
1) there&#39;s a race between the socket creation and the call to fcntl<br>
2) accept doesn&#39;t necessarily inherit the FD_CLOEXEC flag<br>
<br>
1) can be fixed on systems that support it through SOCK_CLOEXEC<br>
2) can be fixed on systems that support it through accept4(), but it seems to break badly on some systems, see issue #10115<br>
<br>
But I think this is a perfectly legitimate request, so one approach to tackle this problem could be:<br>
- since accept4() seems to fail so badly in some configurations, the only portable and reliable choice left is probably to call accept() then fcntl(FD_CLOEXEC) (there&#39;s a race, but it&#39;s better than nothing). We might reconsider this syscall in a couple years when we&#39;re sure it&#39;s implemented correctly<br>


- in the socketserver module, add a new set_socket_cloexec attribute to BaseServer, which would do the right thing (i.e. create the socket with SOCK_CLOEXEC if available, otherwise call fcntl(FD_CLOEXEC)), and in TCPServer, call fcntl(FD_CLOEXEC) after accept.<br>


<br>
That way, this would at least fix the problem for people using the socketserver module. People using sockets directly of course have the option of using SOCK_CLOEXEC and fcntl(FD_CLOEXEC) explicitely in their code.<br>
<br>
Gregory, any thoughts on this?<br>
<br>
----------<br>
<div><div></div><div class="h5"><br>
_______________________________________<br>
Python tracker &lt;<a href="mailto:report@bugs.python.org">report@bugs.python.org</a>&gt;<br>
&lt;<a href="http://bugs.python.org/issue12107" target="_blank">http://bugs.python.org/issue12107</a>&gt;<br>
_______________________________________<br>
</div></div></blockquote></div><br></div>