aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBen Hutchings <ben@decadent.org.uk>2012-11-02 05:32:06 +0000
committerBertrand Jacquin <bertrand@jacquin.bzh>2018-10-05 00:54:56 +0200
commitc5f28bdfa1e5d4a81044659551c2011adfb74b03 (patch)
tree2aba693091415cfc62ce1e6e9828ecc7ee0c3709
parentThis patch adds support for a restricted user-controlled namespace on (diff)
downloadlinux-c5f28bdfa1e5d4a81044659551c2011adfb74b03.tar.gz
fs: Enable link security restrictions by default
This reverts commit 561ec64ae67ef25cac8d72bb9c4bfc955edfd415 ('VFS: don't do protected {sym,hard}links by default').
-rw-r--r--fs/namei.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/fs/namei.c b/fs/namei.c
index 734cef54fdf8..8e3b3ae0cf30 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -885,8 +885,8 @@ static inline void put_link(struct nameidata *nd)
path_put(&last->link);
}
-int sysctl_protected_symlinks __read_mostly = 0;
-int sysctl_protected_hardlinks __read_mostly = 0;
+int sysctl_protected_symlinks __read_mostly = 1;
+int sysctl_protected_hardlinks __read_mostly = 1;
/**
* may_follow_link - Check symlink following for unsafe situations