fs: Enable link security restrictions by default

author Ben Hutchings <ben@decadent.org.uk>

Fri, 2 Nov 2012 05:32:06 +0000 (05:32 +0000)

committer Bastian Blank <waldi@debian.org>

Fri, 22 Jun 2018 09:50:22 +0000 (10:50 +0100)
author Ben Hutchings <ben@decadent.org.uk>
Fri, 2 Nov 2012 05:32:06 +0000 (05:32 +0000)
committer Bastian Blank <waldi@debian.org>
Fri, 22 Jun 2018 09:50:22 +0000 (10:50 +0100)
diff --git a/fs/namei.c b/fs/namei.c

index b61d6aa9279d934afac075e9b63514a1cd3aed57..255c2dc36189b9c4a4a1964a5bd0f1b6b0f16107 100644 (file)
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -883,8 +883,8 @@ static inline void put_link(struct nameidata *nd)
                 path_put(&last->link);
  }
  
-int sysctl_protected_symlinks __read_mostly = 0;
-int sysctl_protected_hardlinks __read_mostly = 0;
+int sysctl_protected_symlinks __read_mostly = 1;
+int sysctl_protected_hardlinks __read_mostly = 1;
  
  /**
   * may_follow_link - Check symlink following for unsafe situations
author	Ben Hutchings <ben@decadent.org.uk>
	Fri, 2 Nov 2012 05:32:06 +0000 (05:32 +0000)
committer	Bastian Blank <waldi@debian.org>
	Fri, 22 Jun 2018 09:50:22 +0000 (10:50 +0100)