Is there a reason we do not turn on the file system hardlink/symlink protection in Rawhide?
Chris Adams
cmadams at hiwaay.net
Fri Mar 15 00:28:32 UTC 2013
Once upon a time, Lennart Poettering <mzerqung at 0pointer.de> said:
> Hmm, I'd very much prefer if the defaults are built into the kernel, and
> that sysctl in userspace is then used only by the admin to override these
> defaults, so that by default we ship with empty sysctl.d/ dirs.
>
> So, before I merge anything like this into systemd, why can't the kernel
> default setting simply be flipped?
Upstream kernel said "no, distros can do it in userspace", and Fedora
aims to remain true to upstream. Also, if upstream kernel does one
thing and Fedora kernel the opposite, users would have unexpected
defaults changing if they built their own kernel for some reason.
Why would this need to be merged into systemd? Why not just sysctl.conf
(or I guess the new-and-improved /usr/lib/sysctl.d/00-system.conf, which
comes from initscripts)?
As is pointed out (IIRC in the commit that reverted the default), if you
can't trust the boot environment, you are already hosed.
--
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
More information about the devel
mailing list