sysctl: Protect hard/symlinks by default.

There is no usecase for not protecting symlinks that I know of in OpenWrt.
Not even on desktop systems where you have multiple users with a shell.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
This commit is contained in:
Rosen Penev 2018-04-30 13:15:54 -07:00 committed by John Crispin
parent 52ba5760b7
commit 20e5fefb0c
1 changed files with 3 additions and 0 deletions

View File

@ -5,6 +5,9 @@ kernel.panic=3
kernel.core_pattern=/tmp/%e.%t.%p.%s.core kernel.core_pattern=/tmp/%e.%t.%p.%s.core
fs.suid_dumpable=2 fs.suid_dumpable=2
fs.protected_hardlinks=1
fs.protected_symlinks=1
net.ipv4.conf.default.arp_ignore=1 net.ipv4.conf.default.arp_ignore=1
net.ipv4.conf.all.arp_ignore=1 net.ipv4.conf.all.arp_ignore=1
net.ipv4.ip_forward=1 net.ipv4.ip_forward=1