Is there a reason we do not turn on the file system hardlink/symlink protection in Rawhide?

Josh Boyer jwboyer at gmail.com
Fri Mar 15 00:40:18 UTC 2013


On Thu, Mar 14, 2013 at 8:28 PM, Josh Boyer <jwboyer at gmail.com> wrote:
> On Thu, Mar 14, 2013 at 8:22 PM, Lennart Poettering
> <mzerqung at 0pointer.de> wrote:
>> On Thu, 14.03.13 18:32, Josh Boyer (jwboyer at gmail.com) wrote:
>>
>>> > Everything about these restrictions is described in detail in the commit:
>>> > http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=800179c9b8a1e796e441674776d11cd4c05d61d7
>>> >
>>> > I'm happy to answer any questions.
>>>
>>> Something like this patch to systemd should work, no?
>>
>> Hmm, I'd very much prefer if the defaults are built into the kernel, and
>> that sysctl in userspace is then used only by the admin to override these
>> defaults, so that by default we ship with empty sysctl.d/ dirs.
>>
>> So, before I merge anything like this into systemd, why can't the kernel
>> default setting simply be flipped?
>
> It would be yet another out-of-tree patch to carry along forever in
> Fedora.  Or at best we try and upstream the default as a config setting
> but I'm not sure Linus would bite on that given his commit message when
> he switched the default to disabled.  I'd rather avoid carrying a patch
> that has no chance of upstream when it can be done by a unit file or
> systemd itself.  That's why they're settable from userspace to begin
> with.

Oh, right.  Kees already tried the config option route:

http://thread.gmane.org/gmane.linux.kernel/1383391/focus=1383496

Failed.

So, back to "carry a patch in the kernel forever", which I'd really like
to avoid.

josh

