1 |
On Sat, 2020-01-04 at 08:38 +0100, Hanno Böck wrote: |
2 |
> On Fri, 3 Jan 2020 15:48:54 +0100 |
3 |
> Toralf Förster <toralf@g.o> wrote: |
4 |
> |
5 |
> > # Restrict potential illegal access via links |
6 |
> > # |
7 |
> > fs.protected_hardlinks = 1 |
8 |
> > fs.protected_symlinks = 1 |
9 |
> |
10 |
> Given the issues with openrc: |
11 |
> Wouldn't it be a good idea to add these by default to Gentoo's |
12 |
> sysctl.conf in baselayout? |
13 |
|
14 |
Yes, we should. This really sounds like some horror where developers |
15 |
are hacking things around in sources instead of communicating with |
16 |
people maintaining the component where a proper fix belongs. |
17 |
|
18 |
> |
19 |
> As far as I understand this from the thread by now, these are set by |
20 |
> default by Gentoo Sources. So we shouldn't really expect much breakage |
21 |
> if we set them via sysctl. |
22 |
> |
23 |
> |
24 |
|
25 |
-- |
26 |
Best regards, |
27 |
Michał Górny |