Bug #1177: Don't close all "other" filedescriptors

Currently when Squid is started it forcibly closes all "other" filedescriptors
other than stdin/stdout/stderr. While this is a reasonable security precaution
to clean up filedescriptor leakage from the caller it crashes some SSL libraries
and possibly other functions which opens internal filedescriptors on startup or
while the configuration is parsed.

It also causes problems for daemontools or other service monitors monitoring
the daemon by keeping a unused pipe open to the daemon process.

diff --git a/src/main.cc b/src/main.cc
index ecffe3f0369bb5962105a3e10d3710b2056559f2..85117d616db95ffe7200058ef52c51dbf64ecbd3 100644 (file)
--- a/src/main.cc
+++ b/src/main.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: main.cc,v 1.398 2004/12/21 17:28:29 robertc Exp $
+ * $Id: main.cc,v 1.399 2004/12/27 16:59:14 hno Exp $
  *
  * DEBUG: section 1     Startup and Main Loop
  * AUTHOR: Harvest Derived
@@ -1064,10 +1064,6 @@ main(int argc, char **argv)
 
     setMaxFD();
 
-    if (opt_catch_signals)
-        for (n = Squid_MaxFD; n > 2; n--)
-            close(n);
-
     /* init comm module */
     comm_init();
 
@@ -1361,10 +1357,6 @@ watch_child(char *argv[])
         dup2(nullfd, 2);
     }
 
-    /* Close all else */
-    for (i = 3; i < Squid_MaxFD; i++)
-        close(i);
-
     for (;;) {
         mainStartScript(argv[0]);