projects / linux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3f01aca)
fs: Enable link security restrictions by default
authorBen Hutchings <ben@decadent.org.uk>
Fri, 2 Nov 2012 05:32:06 +0000 (05:32 +0000)
committerSalvatore Bonaccorso <carnil@debian.org>
Fri, 28 May 2021 08:31:38 +0000 (09:31 +0100)
Bug-Debian: https://bugs.debian.org/609455
Forwarded: not-needed

This reverts commit 561ec64ae67ef25cac8d72bb9c4bfc955edfd415
('VFS: don't do protected {sym,hard}links by default').

Gbp-Pq: Topic debian
Gbp-Pq: Name fs-enable-link-security-restrictions-by-default.patch

fs/namei.c patch | blob | history

diff --git a/fs/namei.c b/fs/namei.c
index 4c9d0c36545d3d850d96dec993290b28389b012a..12f4c0e0ff7608cacecd07cdcd07102a5c01b6d5 100644 (file)
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -932,8 +932,8 @@ static inline void put_link(struct nameidata *nd)
                path_put(&last->link);
 }
 
-int sysctl_protected_symlinks __read_mostly = 0;
-int sysctl_protected_hardlinks __read_mostly = 0;
+int sysctl_protected_symlinks __read_mostly = 1;
+int sysctl_protected_hardlinks __read_mostly = 1;
 int sysctl_protected_fifos __read_mostly;
 int sysctl_protected_regular __read_mostly;
 
Unnamed repository; edit this file 'description' to name the repository.