On 2017-10-10 16:02:31 +0200, Moritz Muehlenhoff wrote:
> It is not optional.

The procfs(5) man page disagrees.

> You omitted to quote the second part:
>
> "/tmp-related bugs which are rendered non-exploitable by this mechanism
> are not treated as security vulnerabilities. If you use a custom
> Linux kernel you should enable it using a sysctl setting"

In any case, even though a symlink attack is not possible under this
condition, there's still a potential DoS in the code.

-- 
Vincent Lefèvre <[email protected]> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

