From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 56525138334 for ; Sat, 4 Jan 2020 18:39:24 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 51EBBE0924; Sat, 4 Jan 2020 18:39:21 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id B3192E091D for ; Sat, 4 Jan 2020 18:39:20 +0000 (UTC) Received: from linux1.home (cpe-70-124-168-176.austin.res.rr.com [70.124.168.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: williamh) by smtp.gentoo.org (Postfix) with ESMTPSA id B108034DDC7 for ; Sat, 4 Jan 2020 18:39:19 +0000 (UTC) Received: (nullmailer pid 11082 invoked by uid 1000); Sat, 04 Jan 2020 18:39:17 -0000 Date: Sat, 4 Jan 2020 12:39:17 -0600 From: William Hubbs To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] Vanilla sources Message-ID: <20200104183917.GA11050@linux1.home> Mail-Followup-To: gentoo-dev@lists.gentoo.org References: <3197490.ugo6OjCCXa@daneel.sf-tec.de> <1794534.0xJHuh4lKC@crazyhorse> <19015309.XG3PSQ8cOu@daneel.sf-tec.de> <5537134e-0412-862d-e105-94c678229b46@gentoo.org> <2dd351b3-0f71-4960-ffde-2f5a99ab161d@gentoo.org> <9b48db99-19dc-617b-c0d4-ffa0216b43be@gentoo.org> <20200104083859.6e82fd4d@computer> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="qDbXVdCdHGoSgWSk" Content-Disposition: inline In-Reply-To: <20200104083859.6e82fd4d@computer> User-Agent: Mutt/1.10.1 (2018-07-13) X-Archives-Salt: ddaf994e-8d75-4101-be5e-101eba253db7 X-Archives-Hash: 63fd22c32504f732d0fb8327a7b89539 --qDbXVdCdHGoSgWSk Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Jan 04, 2020 at 08:38:59AM +0100, Hanno B=F6ck wrote: > On Fri, 3 Jan 2020 15:48:54 +0100 > Toralf F=F6rster wrote: >=20 > > # Restrict potential illegal access via links > > #=20 > > fs.protected_hardlinks =3D 1 > > fs.protected_symlinks =3D 1=20 >=20 > Given the issues with openrc: > Wouldn't it be a good idea to add these by default to Gentoo's > sysctl.conf in baselayout? If we want to do this, it is easy for me to do it in baselayout. Thanks, William --qDbXVdCdHGoSgWSk Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- iF0EARECAB0WIQTVeuxEZo4uUHOkQAluVBb0MMRlOAUCXhDb0AAKCRBuVBb0MMRl OJcBAJ4ubln3BzML/P51xJTTEpiXA0lXMwCeJd/myypQ35cnYjmKU7EmiLSuzbU= =NH/Z -----END PGP SIGNATURE----- --qDbXVdCdHGoSgWSk--