6 * closefrom - close all fds starting from specified fd.
8 * This code is an example of what to do in a child process to
9 * ensure that none of the (possibly sensitive) file descriptors
10 * in the parent remain in the child process.
12 * License: CC0 (Public domain)
13 * Author: ZmnSCPxj jxPCSnmZ <ZmnSCPxj@protonmail.com>
16 * #include <ccan/closefrom/closefrom.h>
17 * #include <ccan/err/err.h>
19 * #include <sys/resource.h>
20 * #include <sys/time.h>
21 * #include <sys/types.h>
22 * #include <sys/wait.h>
25 * int main(int argc, char **argv)
29 * // If being emulated, then we might end up
30 * // looping over a large _SC_OPEN_MAX
31 * // (Some systems have it as INT_MAX!)
32 * // If so, closefrom_limit will lower this limit
33 * // to a value you specify, or if given 0 will
35 * // Call this as early as possible.
38 * // If we limited, we can query this so we can
39 * // print it in debug logs or something.
40 * if (closefrom_may_be_slow())
41 * printf("we limited ourselves to 4096 fds.\n");
47 * closefrom(STDERR_FILENO + 1);
48 * // Insert your *whatever* code here.
52 * waitpid(child, NULL, 0);
58 int main(int argc, char *argv[])
60 /* Expect exactly one argument */
64 if (strcmp(argv[1], "depends") == 0) {