directory icon indicating copy to clipboard operation
directory copied to clipboard
verified publisher icon haskell

copyFile opens the file without setting cloexec

Open joeyh opened this issue 4 months ago • 2 comments

copyFile opens a temporary file without setting the close-on-exec flag. So if another thread execs a process at the same time, the process can inherit an open FD to a temp file. Specifically, in withReplacementFile, it uses OS.openBinaryTempFile.

copyFileWithMetadata and copyFileToHandle had this same problem fixed in commit 0ff4e13f1f51234fe047b4bc1ca60e567afd0c36

joeyh avatar Sep 05 '25 15:09 joeyh