On Wed, Oct 03, 2012 at 04:41:41PM -0400, Theodore Ts'o wrote:
> On Wed, Oct 03, 2012 at 01:29:15PM -0700, Linus Torvalds wrote:
> > On Wed, Oct 3, 2012 at 1:05 PM, Kees Cook wrote:
> > >
> > > 3.6 introduced link restrictions:
> > Hmm. If this causes problems for others, I suspect we need to turn it
> > off by default.
> > It's a nice security thing, but considering how quickly people started
> > complaining after 3.6 was out, I suspect we'll see more of these, and
> > we may not have any choice.
> True, although I'm not sure we should be encouraging kernel developers
> to have world-writeable directories. I suppose if it's a single-user
> workstation it wouldn't matter, but you could imagine a daemon running
> has "nobody" which has a stack overflow bug, and then if the user has
> been careless and uses umasks so that directories in their home
> directory are world writeable, well.....
> Regardless of whether or not we turn this security feature off by
> default, I think it's worthwhile to look at how and why did Nick's
> directories become world-writeable, and whether there is so distro
> default which is causing or encouraging this.
I think the benefits of this being on by default outweigh glitches
like this. Based on Nick's email, it looks like a directory tree of his
Kees Cook @outflux.net