Signal safety #3
Description
Only select functions can be safely called within a signal handler. Currently we are doing literally nothing asynchronous-safe.
The solution will probably involve setting an exit flag on SIGINT/SIGTERM, and testing somehow inside the FUSE main loop. We should also be handling SIGSEGV to at least wipe memory, but as specified in POSIX, doing anything after the SIGSEGV handler is undefined behavior. In that case, perhaps it would be best to simply wipe any private info and terminate (abort()) but not remove any locks or flush any buffers.