openssh and defensive programming (or lack thereof)

[Theo de Raadt]

> sshd is a system service. If your broken system is passing stray fds to
> sshd upon (re)start, you need to fix your system - it is that simple.
> Why uglify every daemon on your system when you can fix the problem where
> it lies? Think about what would happen if this was carried to its logical
> conclusion...

Actually, we have done such cleanup.

Without following those incorrect defensive methods.

You may notice that sshd, like the rest of openbsd, does dynamic
fd_set manipulation....