On Sat, 04 Jan 2020 19:41:21 +0100 Michał Górny <[email protected]> wrote:
> On Sat, 2020-01-04 at 08:38 +0100, Hanno Böck wrote: > > On Fri, 3 Jan 2020 15:48:54 +0100 > > Toralf Förster <[email protected]> wrote: > > > > > # Restrict potential illegal access via links > > > # > > > fs.protected_hardlinks = 1 > > > fs.protected_symlinks = 1 > > > > Given the issues with openrc: > > Wouldn't it be a good idea to add these by default to Gentoo's > > sysctl.conf in baselayout? > > Yes, we should. This really sounds like some horror where developers > are hacking things around in sources instead of communicating with > people maintaining the component where a proper fix belongs. I created a bug for this so we can move the discussion there: https://bugs.gentoo.org/704914 Particularly if anyone thinks this is a bad idea or knows of a situation where this breaks things please speak up now in the bugreport. -- Hanno Böck https://hboeck.de/
pgpu2QXCFT33y.pgp
Description: OpenPGP digital signature
