fs: Enable link security restrictions by default

author Ben Hutchings <ben@decadent.org.uk>

Fri, 2 Nov 2012 05:32:06 +0000 (05:32 +0000)

committer Salvatore Bonaccorso <carnil@debian.org>

Tue, 20 Mar 2018 08:31:07 +0000 (08:31 +0000)
author Ben Hutchings <ben@decadent.org.uk>
Fri, 2 Nov 2012 05:32:06 +0000 (05:32 +0000)
committer Salvatore Bonaccorso <carnil@debian.org>
Tue, 20 Mar 2018 08:31:07 +0000 (08:31 +0000)
diff --git a/fs/namei.c b/fs/namei.c

index 4e3fc58dae7227fbb24ce97b1d4404df31ec9445..bc8c6b7690e2914a01dfed768bc8fbb6f70b05d2 100644 (file)
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -900,8 +900,8 @@ static inline void put_link(struct nameidata *nd)
                 path_put(&last->link);
  }
  
-int sysctl_protected_symlinks __read_mostly = 0;
-int sysctl_protected_hardlinks __read_mostly = 0;
+int sysctl_protected_symlinks __read_mostly = 1;
+int sysctl_protected_hardlinks __read_mostly = 1;
  
  /**
   * may_follow_link - Check symlink following for unsafe situations
author	Ben Hutchings <ben@decadent.org.uk>
	Fri, 2 Nov 2012 05:32:06 +0000 (05:32 +0000)
committer	Salvatore Bonaccorso <carnil@debian.org>
	Tue, 20 Mar 2018 08:31:07 +0000 (08:31 +0000)