---------- Forwarded message ---------
From:
Frederik Himpe <frederik@frehi.be>Date: Sun, 27 Jan 2019 at 09:15
Subject: Bug#920552: procps: Enable regular file and FIFO protection
To: Debian Bug Tracking System <
submit@bugs.debian.org>
Package: procps
Version: 2:3.3.15-2
Severity: normal
In analogy with bug #889098, procps should by default enabling the regular file
and FIFO protection added in 4.19 by setting:
fs.protected_regular = 1
fs.protected_fifos = 1
This will be done by default in systemd 241, but as Debian does not use
Systemd's sysctl settings, it should be made in procps.
References:
https://github.com/torvalds/linux/commit/30aba6656f
https://github.com/systemd/systemd/commit/2732587540035227fe59e4b64b60127352611b35
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889098
-- System Information:
Debian Release: buster/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'testing'), (400, 'unstable'), (250, 'stable'), (160, 'experimental'), (100, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-1-amd64 (SMP w/12 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages procps depends on:
ii init-system-helpers 1.56+nmu1
ii libc6 2.28-5
ii libncurses6 6.1+20181013-1
ii libncursesw6 6.1+20181013-1
ii libprocps7 2:3.3.15-2
ii libtinfo6 6.1+20181013-1
ii lsb-base 10.2018112800
Versions of packages procps recommends:
ii psmisc 23.2-1
procps suggests no packages.
-- no debconf information