Luis Rodrigo Gallardo Cruz wrote:
for (i = 0; i < [some-hopefuly-large-enough-value]; i++) close(i);
I'd recommend to build (with "gcc -Wall -O2 -s -o closefds closefds.c") the following workaround:
/* closefds.c by Michal Trojnara 2008.01.12 */ /* This code is public domain */
#include <stdio.h> #include <unistd.h>
int main(int argc, char *argv[]) { int i;
for(i=3; i<1023; ++i) close(i); execvp(argv[0], argv+1); perror(argv[0]); return 0; }
Replace "/bin_path/stunnel /conf_path/stunnel.conf" with "/bin_path/closefds /bin_path/stunnel /conf_path/stunnel.conf"
Some reasoning behind the code: 1. stunnel deals fine with fd 0, 1 and 2. 2. It's very unlikely that the calling application will use file descriptors over 1023.
Best regards, Mike