Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Mike Pagano <mpagano@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/linux-patches:4.4 commit in: /
Date: Sat, 01 Dec 2018 18:36:02
Message-Id: 1543689213.71952c784a82313d968fc0d8e7ab6813ee524b4d.mpagano@gentoo
1 commit: 71952c784a82313d968fc0d8e7ab6813ee524b4d
2 Author: Mike Pagano <mpagano <AT> gentoo <DOT> org>
3 AuthorDate: Sat Dec 1 18:33:33 2018 +0000
4 Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org>
5 CommitDate: Sat Dec 1 18:33:33 2018 +0000
6 URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=71952c78
7
8 proj/linux-patches: Update patch for 4.4.
9
10 Updated patch:
11 1510_fs-enable-link-security-restrictions-by-default.patch
12
13 Signed-off-by: Mike Pagano <mpagano <AT> gentoo.org>
14
15 ...able-link-security-restrictions-by-default.patch | 21 ++++++---------------
16 1 file changed, 6 insertions(+), 15 deletions(-)
17
18 diff --git a/1510_fs-enable-link-security-restrictions-by-default.patch b/1510_fs-enable-link-security-restrictions-by-default.patch
19 index 639fb3c..8bfb36c 100644
20 --- a/1510_fs-enable-link-security-restrictions-by-default.patch
21 +++ b/1510_fs-enable-link-security-restrictions-by-default.patch
22 @@ -1,22 +1,13 @@
23 -From: Ben Hutchings <ben@××××××××××××.uk>
24 -Subject: fs: Enable link security restrictions by default
25 -Date: Fri, 02 Nov 2012 05:32:06 +0000
26 -Bug-Debian: https://bugs.debian.org/609455
27 -Forwarded: not-needed
28 -
29 -This reverts commit 561ec64ae67ef25cac8d72bb9c4bfc955edfd415
30 -('VFS: don't do protected {sym,hard}links by default').
31 -
32 ---- a/fs/namei.c
33 -+++ b/fs/namei.c
34 -@@ -651,8 +651,8 @@ static inline void put_link(struct namei
35 - path_put(link);
36 +--- a/fs/namei.c 2018-12-01 11:30:07.672594412 -0500
37 ++++ b/fs/namei.c 2018-12-01 11:30:58.772816410 -0500
38 +@@ -902,8 +902,8 @@ static inline void put_link(struct namei
39 + path_put(&last->link);
40 }
41
42 -int sysctl_protected_symlinks __read_mostly = 0;
43 -int sysctl_protected_hardlinks __read_mostly = 0;
44 +int sysctl_protected_symlinks __read_mostly = 1;
45 +int sysctl_protected_hardlinks __read_mostly = 1;
46 + int sysctl_protected_fifos __read_mostly;
47 + int sysctl_protected_regular __read_mostly;
48
49 - /**
50 - * may_follow_link - Check symlink following for unsafe situations
Report Message
Find on MARC Find on Google Groups