I ran into this while investigating something else. I set up /usr/bin/gs
as a helper app for postscript files. In the attachment note that gs is
a child of one of the mozilla threads. Note also that gs has a lot of
open file descriptors and could write to a number of interesting things
if it were so inclined. An unpleasant thought.
Clearly, mozilla needs to enforce the usual close-on-exec behavior but I
haven't the foggiest idea where that should be. I'll start this off in file
handling but feel free to change the component.
I ran into this while investigating something else. I set up /usr/bin/gs
as a helper app for postscript files. In the attachment note that gs is
a child of one of the mozilla threads. Note also that gs has a lot of
open file descriptors and could write to a number of interesting things
if it were so inclined. An unpleasant thought.
Clearly, mozilla needs to enforce the usual close-on-exec behavior but I
haven't the foggiest idea where that should be. I'll start this off in file
handling but feel free to change the component.