Attached is a patch adding os.closefrom.
If closefrom(2) is available, it's used.
Otherwise, two options:
- if sysconf and _SC_OPEN_MAX are defined, we close each file descriptor up to _SC_OPEN_MAX
- if not, we choose a default value (256), and close every FD up to this value
subprocess has been converted to use it, and a test has been added in test_os
Unfortunately, I only have Linux boxes, so I can't really test it.
Remarks:
- is it OK to provide posix_closefrom even though the underlying platform doesn't support it ?
- no error code is returned (since when closing every FD manually this wouldn't make much sense), even though closefrom(2) does return one
- for the test, I only close FDs > 7 to avoid closing stdin/stdout/stder, but you might have a better idea
- this won't fix the problem for Linux, which doesn't have closefrom(2). Is it worth using /proc/self/fd interface ?