On Sat, 04 Jan 2020 19:41:21 +0100
Michał Górny <mgorny@gentoo.org> wrote:

> On Sat, 2020-01-04 at 08:38 +0100, Hanno Böck wrote:
> > On Fri, 3 Jan 2020 15:48:54 +0100
> > Toralf Förster <toralf@gentoo.org> wrote:
> >   
> > > #       Restrict potential illegal access via links
> > > # 
> > > fs.protected_hardlinks = 1
> > > fs.protected_symlinks = 1   
> > 
> > Given the issues with openrc:
> > Wouldn't it be a good idea to add these by default to Gentoo's
> > sysctl.conf in baselayout?  
> 
> Yes, we should.  This really sounds like some horror where developers
> are hacking things around in sources instead of communicating with
> people maintaining the component where a proper fix belongs.

I created a bug for this so we can move the discussion there:
https://bugs.gentoo.org/704914

Particularly if anyone thinks this is a bad idea or knows of a
situation where this breaks things please speak up now in the bugreport.

-- 
Hanno Böck
https://hboeck.de/