Clarify namespace fd preservation comment. Make it clear that the fds are not leaking into the child. Bug: https://crbug.com/985467 Test: Compiles. Change-Id: I468c49dc13baafd32fab6fbfdcf8d9a413b6bb76

commit: cf3bbea196ff781d94fb69d395ee7df00d1d3cb6 [log] [tgz]
author: Jorge Lucangeli Obes <[email protected]> Wed Jul 24 09:06:40 2019 -0400
committer: Jorge Lucangeli Obes <[email protected]> Wed Jul 24 09:09:24 2019 -0400
tree: a3773672f2aeebf3016e1b7bd8a04e4c684a44c8
parent: 2337f80306755f8577adb7ac7bd5a5ee4f035e02 [diff] [blame]
diff --git a/libminijail.c b/libminijail.c
index 64d8719..4db32fa 100644
--- a/libminijail.c
+++ b/libminijail.c

@@ -2941,7 +2941,11 @@
 			inheritable_fds[size++] = stderr_fds[1];
 		}
 
-		/* Preserve namespace file descriptors. */
+		/*
+		 * Preserve namespace file descriptors over the close_open_fds()
+		 * call. These are closed in minijail_enter() so they won't leak
+		 * into the child process.
+		 */
 		if (j->flags.enter_vfs)
 			minijail_preserve_fd(j, j->mountns_fd, j->mountns_fd);
 		if (j->flags.enter_net)
commit	cf3bbea196ff781d94fb69d395ee7df00d1d3cb6	[log] [tgz]
author	Jorge Lucangeli Obes <[email protected]>	Wed Jul 24 09:06:40 2019 -0400
committer	Jorge Lucangeli Obes <[email protected]>	Wed Jul 24 09:09:24 2019 -0400
tree	a3773672f2aeebf3016e1b7bd8a04e4c684a44c8
parent	2337f80306755f8577adb7ac7bd5a5ee4f035e02 [diff] [blame]