From 8fac49d0fcf85d3147cbb1ed8b0481d9001c4860 Mon Sep 17 00:00:00 2001
From: Alan Rogers <alanjrogers@me.com>
Date: Tue, 21 Apr 2015 15:39:02 +1000
Subject: [PATCH] unix: open "/dev/null" instead of "/" for emfile_fd
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

We may not have permission to open "/". This fix allows libuv to be
used in a OS X app that has sandboxing enabled, without the need for
a temporary entitlement to allow reading of "/" (Which would never
pass app review).

In some rare cases "/dev" isn't mounted, so we open "/" as a
fallback.

PR-URL: https://github.com/libuv/libuv/pull/328
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Saúl Ibarra Corretgé <saghul@gmail.com>
---
 src/unix/stream.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/unix/stream.c b/src/unix/stream.c
index e721aa1d..adb98c38 100644
--- a/src/unix/stream.c
+++ b/src/unix/stream.c
@@ -88,7 +88,12 @@ void uv__stream_init(uv_loop_t* loop,
   stream->write_queue_size = 0;
 
   if (loop->emfile_fd == -1) {
-    err = uv__open_cloexec("/", O_RDONLY);
+    err = uv__open_cloexec("/dev/null", O_RDONLY);
+    if (err < 0)
+        /* In the rare case that "/dev/null" isn't mounted open "/"
+         * instead.
+         */
+        err = uv__open_cloexec("/", O_RDONLY);
     if (err >= 0)
       loop->emfile_fd = err;
   }