On Fri, 26 May 2006 13:27:56 EDT, Stephen Smalley said:
Hmm...they used to be O_RDWR, but Steve Grubb submitted a patch that
changed them a while back as part of a general cleanup of newrole. If
programs expect stdout and stderr to be rw, then I suppose newrole needs
to open them that way, although it does seem odd to read from your error
stream.
It can't read from stdin, because that might be in use:
grep foo bar* | more
And most shells open stderr as R/W, so reading from that works.
One can certainly argue that stderr *should* be write-only, and programs
using stderr for reading should probably be fixed to open /dev/tty and use
that instead. But not knowing whether it's just this one odd program,
or lots of them, I can't really say.