On Thu, Mar 14, 2013 at 09:08:48AM -0400, Daniel J Walsh wrote:
> On 03/14/2013 04:09 AM, yersinia wrote:
> > On Wed, Mar 13, 2013 at 7:52 PM, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote:
> >
> > sysctl -a | grep protected
> > fs.protected_hardlinks = 0
> > fs.protected_symlinks = 0
> >
> > Here is some more info for this apparent regression:
> > http://kernel.opensuse.org/cgit/kernel/commit/?id=561ec64ae67ef25cac8d72bb9c4bfc955edfd415
> >
> > Best
>
> Well I believe Ubuntu has been using this feature for years and maybe we
> should consider turning it on via systemd or a unit file. The breakage of AFD
> is not a legitimate reason for Fedora to turn it off.
>
> Kees, could you explain how these restrictions would help secure Fedora and
> any potential side effects.

AFD was a single specific program doing a very specific task and hardly represents an "average workload". I remain extremely disappointed that the default-on state was reverted. Ubuntu has had this feature enabled for YEARS now, and it stopped quite a few exploits cold.

Everything about these restrictions is described in detail in the commit:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=800179c9b8a1e796e441674776d11cd4c05d61d7

I'm happy to answer any questions.

-Kees

--
Kees Cook @outflux.net
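
The check from the top of this thread, as an added example that is not part of the original messages: a shell function that reads `sysctl -a`-style output, reports whether `fs.protected_hardlinks` and `fs.protected_symlinks` are enabled, and prints the settings lines that would turn on any that are disabled. The function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the two link-protection sysctls discussed in the thread.

# Reads "key = value" lines (the format printed by `sysctl -a`) on stdin and
# prints one verdict per setting. Exit status: 0 if both are enabled,
# 1 if either is disabled or absent from the input.
audit_protected_links() {
    awk '
        BEGIN { n = split("fs.protected_hardlinks fs.protected_symlinks", keys, " ") }
        {
            eq = index($0, "=")
            if (eq == 0) next                      # not a key/value line
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)         # accept "a=1" and "a = 1"
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            seen[k] = v
        }
        END {
            rc = 0
            for (i = 1; i <= n; i++) {
                k = keys[i]
                if (!(k in seen))        { state = "MISSING";  rc = 1 }
                else if (seen[k] == "1") { state = "enabled" }
                else                     { state = "DISABLED"; rc = 1 }
                print k ": " state
            }
            exit rc
        }'
}

# Prints "key = 1" for every setting the audit reports as DISABLED.
# MISSING keys are skipped: the running kernel does not expose them.
remediation_lines() {
    audit_protected_links | awk -F': ' '$2 == "DISABLED" { print $1 " = 1" }'
}

# Constructed sample: the values reported in the thread above.
SAMPLE='fs.protected_hardlinks = 0
fs.protected_symlinks = 0'

printf '%s\n' "$SAMPLE" | audit_protected_links || echo "link protections need attention"
printf '%s\n' "$SAMPLE" | remediation_lines

# On a live system: sysctl -a 2>/dev/null | audit_protected_links
```

The lines printed by `remediation_lines` are in the `key = value` form accepted by `sysctl -p` and by files under `/etc/sysctl.d/`.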