summary'>refslogtreecommitdiffstats
path: '>root//'>sys-kernel/'>boest-v4.14.127//0009-4.14-1510_fs-enable-link-security-restrictions-by-de.patch
diff options
context:
space:
mode:
Diffstat (limited to 'sys-kernel/boest-v4.14.127/0009-4.14-1510_fs-enable-link-security-restrictions-by-de.patch')
--rw-r--r--sys-kernel/boest-v4.14.127/0009-4.14-1510_fs-enable-link-security-restrictions-by-de.patch25
1 files changed, 25 insertions, 0 deletions
diff --git a/sys-kernel/boest-v4.14.127/0009-4.14-1510_fs-enable-link-security-restrictions-by-de.patch b/sys-kernel/boest-v4.14.127/0009-4.14-1510_fs-enable-link-security-restrictions-by-de.patch
new file mode 100644
index 00000000..16b9acda
--- /dev/null
+++ b/sys-kernel/boest-v4.14.127/0009-4.14-1510_fs-enable-link-security-restrictions-by-de.patch
@@ -0,0 +1,25 @@
+From 324568d8ae08046fb8d6a8c30911116caf8b32c3 Mon Sep 17 00:00:00 2001
+From: Mike Pagano <mpagano@gentoo.org>
+Date: Sat, 1 Dec 2018 12:25:28 -0500
+Subject: [PATCH 09/19]
+ 4.14:1510_fs-enable-link-security-restrictions-by-default.patch
+
+---
+ fs/namei.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/fs/namei.c b/fs/namei.c
+index d1e467b7b9de..ffa7475e8fcf 100644
+--- a/fs/namei.c
++++ b/fs/namei.c
+@@ -902,8 +902,8 @@ static inline void put_link(struct nameidata *nd)
+ path_put(&last->link);
+ }
+
+-int sysctl_protected_symlinks __read_mostly = 0;
+-int sysctl_protected_hardlinks __read_mostly = 0;
++int sysctl_protected_symlinks __read_mostly = 1;
++int sysctl_protected_hardlinks __read_mostly = 1;
+ int sysctl_protected_fifos __read_mostly;
+ int sysctl_protected_regular __read_mostly;
+