1.. title:: clang-tidy - android-cloexec-accept 2 3android-cloexec-accept 4====================== 5 6The usage of ``accept()`` is not recommended, it's better to use ``accept4()``. 7Without this flag, an opened sensitive file descriptor would remain open across 8a fork+exec to a lower-privileged SELinux domain. 9 10Examples: 11 12.. code-block:: c++ 13 14 accept(sockfd, addr, addrlen); 15 16 // becomes 17 18 accept4(sockfd, addr, addrlen, SOCK_CLOEXEC); 19