Enable regular file and FIFO protection

These sysctls were added in Linux 4.19 (torvalds/linux@30aba6656f), and we should enable them just like we enable the older hardlink/symlink protection since v199. Implements #11414.
author: Lucas Werkmeister <mail@lucaswerkmeister.de> 2019-01-16 00:16:10 +0100
committer: Lennart Poettering <lennart@poettering.net> 2019-01-16 12:22:01 +0100
commit: 2732587540035227fe59e4b64b60127352611b35 (patch)
tree: 66ca47a68162107ad0533a2320ef9af38c005c59 /sysctl.d
parent: Fix omission in docs (diff)
download: systemd-2732587540035227fe59e4b64b60127352611b35.tar.xz
systemd-2732587540035227fe59e4b64b60127352611b35.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/sysctl.d/50-default.conf b/sysctl.d/50-default.conf
index b0645f33e7..27084f6242 100644
--- a/sysctl.d/50-default.conf
+++ b/sysctl.d/50-default.conf
@@ -36,3 +36,7 @@ net.core.default_qdisc = fq_codel
 # Enable hard and soft link protection
 fs.protected_hardlinks = 1
 fs.protected_symlinks = 1
+
+# Enable regular file and FIFO protection
+fs.protected_regular = 1
+fs.protected_fifos = 1
author	Lucas Werkmeister <mail@lucaswerkmeister.de>	2019-01-16 00:16:10 +0100
committer	Lennart Poettering <lennart@poettering.net>	2019-01-16 12:22:01 +0100
commit	2732587540035227fe59e4b64b60127352611b35 (patch)
tree	66ca47a68162107ad0533a2320ef9af38c005c59 /sysctl.d
parent	Fix omission in docs (diff)
download	systemd-2732587540035227fe59e4b64b60127352611b35.tar.xz systemd-2732587540035227fe59e4b64b60127352611b35.zip