e05f7c55d7
Since this code is run from PID 1, this ensures file descriptors to sensitive files and devices are not accidentally leaked to sub-processes. * gnu/build/file-systems.scm (call-with-input-file): New procedure. (mount-file-system): Use 'close-fdes' + 'open-fdes'. |
||
|---|---|---|
| .. | ||
| accounts.scm | ||
| activation.scm | ||
| bootloader.scm | ||
| chromium-extension.scm | ||
| cross-toolchain.scm | ||
| dbus-service.scm | ||
| file-systems.scm | ||
| hurd-boot.scm | ||
| image.scm | ||
| install.scm | ||
| jami-service.scm | ||
| linux-boot.scm | ||
| linux-container.scm | ||
| linux-initrd.scm | ||
| linux-modules.scm | ||
| locale.scm | ||
| marionette.scm | ||
| secret-service.scm | ||
| shepherd.scm | ||
| svg.scm | ||