1.. title:: clang-tidy - android-cloexec-dup 2 3android-cloexec-dup 4=================== 5 6The usage of ``dup()`` is not recommended, it's better to use ``fcntl()``, 7which can set the close-on-exec flag. Otherwise, an opened sensitive file would 8remain open across a fork+exec to a lower-privileged SELinux domain. 9 10Examples: 11 12.. code-block:: c++ 13 14 int fd = dup(oldfd); 15 16 // becomes 17 18 int fd = fcntl(oldfd, F_DUPFD_CLOEXEC); 19