File: fs-enable-link-security-restrictions-by-default.patch

package info (click to toggle)
linux 3.16.7-ckt4-3
  • links: PTS, VCS
  • area: main
  • in suites: jessie
  • size: 736,636 kB
  • ctags: 2,374,727
  • sloc: ansic: 12,214,218; asm: 277,326; perl: 54,003; xml: 47,771; makefile: 30,483; sh: 8,035; python: 6,597; cpp: 5,124; yacc: 4,254; lex: 2,215; awk: 741; pascal: 231; lisp: 218; sed: 30
file content (22 lines) | stat: -rw-r--r-- 717 bytes parent folder | download | duplicates (13)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
From: Ben Hutchings <ben@decadent.org.uk>
Subject: fs: Enable link security restrictions by default
Date: Fri, 02 Nov 2012 05:32:06 +0000
Bug-Debian: https://bugs.debian.org/609455
Forwarded: not-needed

This reverts commit 561ec64ae67ef25cac8d72bb9c4bfc955edfd415
('VFS: don't do protected {sym,hard}links by default').

--- a/fs/namei.c
+++ b/fs/namei.c
@@ -651,8 +651,8 @@ static inline void put_link(struct namei
 	path_put(link);
 }
 
-int sysctl_protected_symlinks __read_mostly = 0;
-int sysctl_protected_hardlinks __read_mostly = 0;
+int sysctl_protected_symlinks __read_mostly = 1;
+int sysctl_protected_hardlinks __read_mostly = 1;
 
 /**
  * may_follow_link - Check symlink following for unsafe situations