[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
02/02: website: keep-failed bug blog post: Clarify the impact of protect
|
From: |
Leo Famulari |
|
Subject: |
02/02: website: keep-failed bug blog post: Clarify the impact of protected hardlinks. |
|
Date: |
Thu, 18 Mar 2021 14:09:39 -0400 (EDT) |
lfam pushed a commit to branch master
in repository guix-artwork.
commit b6b0c5c307f6722bb25146123a1af6aef06597b9
Author: Leo Famulari <leo@famulari.name>
AuthorDate: Thu Mar 18 14:08:12 2021 -0400
website: keep-failed bug blog post: Clarify the impact of protected
hardlinks.
* website/posts/keep-failed.md: Clarify.
---
website/posts/keep-failed.md | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/website/posts/keep-failed.md b/website/posts/keep-failed.md
index 8d70999..f2cc6fd 100644
--- a/website/posts/keep-failed.md
+++ b/website/posts/keep-failed.md
@@ -13,10 +13,11 @@ It does _not_ affect multi-user setups where `guix-daemon`
runs on a
separate machine and is accessed over the network via
`GUIX_DAEMON_SOCKET`, as is customary on [cluster
setups](https://hpc.guix.info/blog/2017/11/installing-guix-on-a-cluster/).
-Machines where the Linux [protected
+Exploitation is more difficult, but not impossible, on machines where
+the Linux [protected
hardlinks](https://sysctl-explorer.net/fs/protected_hardlinks/) feature
-is enabled, which is common, are also unaffected — this is the case when
-the contents of `/proc/sys/fs/protected_hardlinks` are `1`.
+is enabled, which is common — this is the case when the contents of
+`/proc/sys/fs/protected_hardlinks` are `1`.
# Vulnerability