fs: Enable link security restrictions by default

author Ben Hutchings <ben@decadent.org.uk>

Fri, 2 Nov 2012 05:32:06 +0000 (05:32 +0000)

committer Ben Hutchings <ben@decadent.org.uk>

Sun, 4 Jun 2017 02:03:01 +0000 (02:03 +0000)
author Ben Hutchings <ben@decadent.org.uk>
Fri, 2 Nov 2012 05:32:06 +0000 (05:32 +0000)
committer Ben Hutchings <ben@decadent.org.uk>
Sun, 4 Jun 2017 02:03:01 +0000 (02:03 +0000)
diff --git a/fs/namei.c b/fs/namei.c

index d5e5140c1045647596ea420ef3bdb20abb298473..9d4c6550ef981b0f50feb293c624353dca53330c 100644 (file)
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -888,8 +888,8 @@ static inline void put_link(struct nameidata *nd)
                 path_put(&last->link);
  }
  
-int sysctl_protected_symlinks __read_mostly = 0;
-int sysctl_protected_hardlinks __read_mostly = 0;
+int sysctl_protected_symlinks __read_mostly = 1;
+int sysctl_protected_hardlinks __read_mostly = 1;
  
  /**
   * may_follow_link - Check symlink following for unsafe situations
author	Ben Hutchings <ben@decadent.org.uk>
	Fri, 2 Nov 2012 05:32:06 +0000 (05:32 +0000)
committer	Ben Hutchings <ben@decadent.org.uk>
	Sun, 4 Jun 2017 02:03:01 +0000 (02:03 +0000)