目前没有办法做到这一点。
我玩弄了一个补丁来添加它,但是我遇到了一些问题并且没有时间测试东西。我可以分享补丁,但你将自己测试它。
请注意,以下所有内容均假定为 POSIX 系统。
简单的 #1
最简单的做法似乎是关闭所有非标准 fd,无一例外:
struct close_fds : bp::extend::handler {
template <typename Executor>
void on_exec_setup(Executor& /*ex*/) {
// TODO implemented smarter - below meddles with the library internals
int maxfd=sysconf(_SC_OPEN_MAX);
for(int fd=3; fd<maxfd; fd++) {
::close(fd);
}
}
};
现在您只需将该关键字传递到您的流程创建 API 中:
bp::child x(..., close_fds{});
这行不通
一方面,在 Boost Process 内部(例如错误处理/报告)中,有用于内部通信的强制性父子管道。我们没有考虑它,也无法预测所fd
涉及的价值,所以让我们转向更复杂的想法:
更复杂的设置
更智能的设置将考虑 Boost Process 涉及的任何 fd。这包括管道(如上所述)和任何其他可能是其他进程启动参数指定的重定向结果的 fd。
这是我准备好的补丁
同样,这是未经测试的。该补丁最初针对尚未发布官方 Boost Process 版本的 Boost 1.63,但我“最近”(4 月)将其移植到 Boost 1.66。
用法类似于上面:
bp::child x(..., bp::posix::fd.restrict_inherit()); };
请注意,它允许与其他(自定义)扩展协调以收集应该被继承的 FD。
From 45c46a3d9ed42278af97e6ca11474bfbddf3ffb4 Mon Sep 17 00:00:00 2001
From: Seth Heeren <heeren@tracksinspector.com>
Date: Tue, 10 Apr 2018 02:48:27 +0200
Subject: [PATCH] fd_restrict prototype
---
boost/process/detail/posix/executor.hpp | 16 ++-
boost/process/detail/posix/fd.hpp | 8 ++
boost/process/detail/posix/fd_restrict.hpp | 154 +++++++++++++++++++++++++
boost/process/detail/posix/file_descriptor.hpp | 7 ++
4 files changed, 181 insertions(+), 4 deletions(-)
create mode 100644 boost/process/detail/posix/fd_restrict.hpp
diff --git a/boost/process/detail/posix/executor.hpp b/boost/process/detail/posix/executor.hpp
index b3781f2..0a7c446 100644
--- a/boost/process/detail/posix/executor.hpp
+++ b/boost/process/detail/posix/executor.hpp
@@ -15,6 +15,7 @@
#include <boost/process/pipe.hpp>
#include <boost/process/detail/posix/basic_pipe.hpp>
#include <boost/process/detail/posix/use_vfork.hpp>
+#include <boost/process/detail/posix/file_descriptor.hpp>
#include <boost/fusion/algorithm/iteration/for_each.hpp>
#include <cstdlib>
#include <sys/types.h>
@@ -45,7 +46,7 @@ inline int execvpe(const char* filename, char * const arg_list[], char* env[])
if (e != nullptr)
{
- std::vector<std::string> path;
+ std::vector<std::string> path;
boost::split(path, *e, boost::is_any_of(":"));
for (const std::string & pp : path)
@@ -157,13 +158,13 @@ struct on_fork_success_t
};
template<typename Executor> on_setup_t <Executor> call_on_setup (Executor & exec) {return exec;}
-template<typename Executor> on_error_t <Executor> call_on_error (Executor & exec, const std::error_code & ec)
+template<typename Executor> on_error_t <Executor> call_on_error (Executor & exec, const std::error_code & ec)
{
return on_error_t<Executor> (exec, ec);
}
template<typename Executor> on_success_t<Executor> call_on_success(Executor & exec) {return exec;}
-template<typename Executor> on_fork_error_t <Executor> call_on_fork_error (Executor & exec, const std::error_code & ec)
+template<typename Executor> on_fork_error_t <Executor> call_on_fork_error (Executor & exec, const std::error_code & ec)
{
return on_fork_error_t<Executor> (exec, ec);
}
@@ -330,6 +331,12 @@ public:
}
void set_error(const std::error_code &ec, const std::string &msg) {set_error(ec, msg.c_str());};
+ // customization point for fd_restrict
+ template <typename OutputIterator>
+ friend void collect_filedescriptors(executor const& me, OutputIterator& outit) {
+ // always protect the write end of the parent/child pipe
+ *outit++ = me._pipe_sink;
+ }
};
template<typename Sequence>
@@ -380,6 +387,7 @@ child executor<Sequence>::invoke(boost::mpl::false_, boost::mpl::false_)
return child();
}
_ec.clear();
+ _pipe_sink = p[1];
boost::fusion::for_each(seq, call_on_setup(*this));
if (_ec)
@@ -391,6 +399,7 @@ child executor<Sequence>::invoke(boost::mpl::false_, boost::mpl::false_)
this->pid = ::fork();
if (pid == -1)
{
+ _pipe_sink = -1;
_ec = boost::process::detail::get_last_error();
_msg = "fork() failed";
boost::fusion::for_each(seq, call_on_fork_error(*this, _ec));
@@ -400,7 +409,6 @@ child executor<Sequence>::invoke(boost::mpl::false_, boost::mpl::false_)
}
else if (pid == 0)
{
- _pipe_sink = p[1];
::close(p[0]);
boost::fusion::for_each(seq, call_on_exec_setup(*this));
diff --git a/boost/process/detail/posix/fd.hpp b/boost/process/detail/posix/fd.hpp
index 51790c3..f759d9e 100644
--- a/boost/process/detail/posix/fd.hpp
+++ b/boost/process/detail/posix/fd.hpp
@@ -11,6 +11,7 @@
#define BOOST_PROCESS_DETAIL_POSIX_FD_HPP
#include <boost/process/detail/posix/handler.hpp>
+#include <boost/process/detail/posix/fd_restrict.hpp>
#include <unistd.h>
namespace boost { namespace process { namespace detail { namespace posix {
@@ -68,6 +69,12 @@ public:
}
private:
+ // customization point for fd_restrict
+ template <typename OutputIterator>
+ friend void collect_filedescriptors(bind_fd_ const& bind_fd, OutputIterator& outit) {
+ *outit++ = bind_fd.id_;
+ }
+
int id_;
FileDescriptor fd_;
};
@@ -84,6 +91,7 @@ struct fd_
template <class FileDescriptor>
bind_fd_<FileDescriptor> bind(int id, const FileDescriptor & fd) const {return {id, fd};}
+ fd_restrict::property_<> restrict_inherit(size_t capacity = 128) const {return {capacity};}
};
diff --git a/boost/process/detail/posix/fd_restrict.hpp b/boost/process/detail/posix/fd_restrict.hpp
new file mode 100644
index 0000000..71c6c7d
--- /dev/null
+++ b/boost/process/detail/posix/fd_restrict.hpp
@@ -0,0 +1,154 @@
+// Copyright (c) 2017 Seth Heeren
+//
+// Distributed under the Boost Software License, Version 1.0. (See accompanying
+// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
+
+#ifndef BOOST_PROCESS_DETAIL_POSIX_FD_RESTRICT_HPP
+#define BOOST_PROCESS_DETAIL_POSIX_FD_RESTRICT_HPP
+
+#include <boost/process/detail/posix/handler.hpp>
+#include <unistd.h>
+
+namespace boost { namespace process { namespace detail { namespace posix { namespace fd_restrict {
+ // customization point for (custom) properties that need to protect fds
+ template <typename Property, typename OutputIterator>
+ void collect_filedescriptors(Property const& /*property*/, OutputIterator& /*outit*/) {
+ // primary template
+ }
+
+ // polymorphic function object for ADL dispatch
+ template <typename OutputIterator>
+ struct collect_fd_f {
+ OutputIterator mutable _outit;
+
+ template <typename Property>
+ void operator()(Property const& property) const {
+ using boost::process::detail::posix::fd_restrict::collect_filedescriptors; // ADL desired
+ collect_filedescriptors(property, _outit);
+ }
+ };
+
+ // launch property
+ template <typename=void>
+ struct property_ : handler_base_ext
+ {
+ public:
+ property_(size_t capacity) {
+ // reserve to avoid allocations between fork/exec which may
+ // deadlock with threads
+ _protected_fds.reserve(capacity);
+ }
+
+ template <class PosixExecutor>
+ void on_exec_setup(PosixExecutor& exec) const
+ {
+ _protected_fds.resize(0);
+ auto outit = back_inserter(_protected_fds);
+ collect_fd_f<decltype(outit)> visit{outit};
+
+ visit(exec);
+ boost::fusion::for_each(exec.seq, visit);
+
+ auto begin = _protected_fds.begin(), end = _protected_fds.end();
+ std::sort(begin, end);
+
+ for(int fd=0, maxfd=sysconf(_SC_OPEN_MAX); fd<maxfd; ++fd) {
+ if (!std::binary_search(begin, end, fd))
+ ::close(fd);
+ }
+ }
+
+ private:
+ std::vector<int> mutable _protected_fds;
+ };
+
+}}}}}
+
+/*
+ * Non-intrusive instrumentation of existing POSIX properties that require filedescriptors
+ *
+ * All of these could be done with an inline `friend` definition, like above.
+ *
+ * For now I prefer to keep them separate so that
+ *
+ * - upstream changes merge cleanly
+ * - interface changes in fd_restrict can more easily be applied consistently in 1 file
+ *
+ * Only bind_fd_ and filedescriptor need friend access, so cannot usefully be kept separate.
+ */
+
+#include <boost/process/detail/posix/async_in.hpp>
+#include <boost/process/detail/posix/async_out.hpp>
+#include <boost/process/detail/posix/null_in.hpp>
+#include <boost/process/detail/posix/null_out.hpp>
+#include <boost/process/detail/posix/file_in.hpp>
+#include <boost/process/detail/posix/file_out.hpp>
+#include <boost/process/detail/posix/pipe_in.hpp>
+#include <boost/process/detail/posix/pipe_out.hpp>
+
+namespace boost { namespace process { namespace detail { namespace posix {
+
+template<typename... Ts, typename OutputIterator>
+void collect_filedescriptors(async_in_buffer<Ts...> const&, OutputIterator& outit) {
+ *outit++ = STDIN_FILENO;
+}
+
+template<int p1, int p2, typename... Ts, typename OutputIterator>
+void collect_filedescriptors(async_out_buffer<p1, p2, Ts...> const&, OutputIterator& outit) {
+ if (p1==1||p2==1) *outit++ = STDOUT_FILENO;
+ if (p1==2||p2==2) *outit++ = STDERR_FILENO;
+}
+
+template<int p1, int p2, typename... Ts, typename OutputIterator>
+void collect_filedescriptors(async_out_future<p1, p2, Ts...> const&, OutputIterator& outit) {
+ if (p1==1||p2==1) *outit++ = STDOUT_FILENO;
+ if (p1==2||p2==2) *outit++ = STDERR_FILENO;
+}
+
+template<typename OutputIterator>
+void collect_filedescriptors(file_in const&, OutputIterator& outit) {
+ *outit++ = STDIN_FILENO;
+}
+
+template<int p1, int p2, typename OutputIterator>
+void collect_filedescriptors(file_out<p1, p2> const&, OutputIterator& outit) {
+ if (p1==1||p2==1) *outit++ = STDOUT_FILENO;
+ if (p1==2||p2==2) *outit++ = STDERR_FILENO;
+}
+
+template<typename OutputIterator>
+void collect_filedescriptors(null_in const&, OutputIterator& outit) {
+ *outit++ = STDIN_FILENO;
+}
+
+template<int p1, int p2, typename OutputIterator>
+void collect_filedescriptors(null_out<p1, p2> const&, OutputIterator& outit) {
+ if (p1==1||p2==1) *outit++ = STDOUT_FILENO;
+ if (p1==2||p2==2) *outit++ = STDERR_FILENO;
+}
+
+template<typename OutputIterator>
+void collect_filedescriptors(pipe_in const&, OutputIterator& outit) {
+ *outit++ = STDIN_FILENO;
+}
+
+template<typename OutputIterator>
+void collect_filedescriptors(async_pipe_in const&, OutputIterator& outit) {
+ *outit++ = STDIN_FILENO;
+}
+
+template<int p1, int p2, typename OutputIterator>
+void collect_filedescriptors(pipe_out<p1, p2> const&, OutputIterator& outit) {
+ if (p1==1||p2==1) *outit++ = STDOUT_FILENO;
+ if (p1==2||p2==2) *outit++ = STDERR_FILENO;
+}
+
+template<int p1, int p2, typename OutputIterator>
+void collect_filedescriptors(async_pipe_out<p1, p2> const&, OutputIterator& outit) {
+ if (p1==1||p2==1) *outit++ = STDOUT_FILENO;
+ if (p1==2||p2==2) *outit++ = STDERR_FILENO;
+}
+
+}}}}
+
+#endif
diff --git a/boost/process/detail/posix/file_descriptor.hpp b/boost/process/detail/posix/file_descriptor.hpp
index 0dcb99c..0cfcfd1 100644
--- a/boost/process/detail/posix/file_descriptor.hpp
+++ b/boost/process/detail/posix/file_descriptor.hpp
@@ -53,6 +53,13 @@ struct file_descriptor
int handle() const { return _handle;}
private:
+ // customization point for fd_restrict
+ template <typename OutputIterator>
+ friend void collect_filedescriptors(file_descriptor const& property_, OutputIterator& outit) {
+ if (-1 != property_._handle)
+ *outit++ = property_._handle;
+ }
+
static int create_file(const char* name, mode_t mode )
{
switch(mode)
--
2.16.2
我会让源代码中的注释成为你理解这个想法的指南。