commit: 41dc35b2785cc890101781fb03476966ef499337 Author: Mike Pagano <mpagano <AT> gentoo <DOT> org> AuthorDate: Sun Mar 6 17:50:51 2022 +0000 Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org> CommitDate: Sun Mar 6 17:50:51 2022 +0000 URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=41dc35b2
Update default security restrictions Bug: https://bugs.gentoo.org/834085 Signed-off-by: Mike Pagano <mpagano <AT> gentoo.org> 1510_fs-enable-link-security-restrictions-by-default.patch | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/1510_fs-enable-link-security-restrictions-by-default.patch b/1510_fs-enable-link-security-restrictions-by-default.patch index b1f1a88d..e8c30157 100644 --- a/1510_fs-enable-link-security-restrictions-by-default.patch +++ b/1510_fs-enable-link-security-restrictions-by-default.patch @@ -1,13 +1,17 @@ --- a/fs/namei.c 2022-01-23 13:02:27.876558299 -0500 -+++ b/fs/namei.c 2022-01-23 14:01:29.634533326 -0500 -@@ -1020,8 +1020,8 @@ static inline void put_link(struct namei ++++ b/fs/namei.c 2022-03-06 12:47:39.375719693 -0500 +@@ -1020,10 +1020,10 @@ static inline void put_link(struct namei path_put(&last->link); } -static int sysctl_protected_symlinks __read_mostly; -static int sysctl_protected_hardlinks __read_mostly; +-static int sysctl_protected_fifos __read_mostly; +-static int sysctl_protected_regular __read_mostly; +static int sysctl_protected_symlinks __read_mostly = 1; +static int sysctl_protected_hardlinks __read_mostly = 1; - static int sysctl_protected_fifos __read_mostly; - static int sysctl_protected_regular __read_mostly; ++int sysctl_protected_fifos __read_mostly = 1; ++int sysctl_protected_regular __read_mostly = 1; + #ifdef CONFIG_SYSCTL + static struct ctl_table namei_sysctls[] = {
