New hardening in #Sydbox 3.50.0: "Immutable Sticky Bit" where Syd enforces the immutability of the sticky bit at chmod(2) boundary for directories. Sticky bit on dirs such as /tmp is a critical security primitive that restricts file deletion/renaming to file/directory owner or root. This also helps raise the bar for trusted symlink bypasses. On by default, disable with trace/allow_unsafe_sticky:1. Refer to the manual page for more information: https://man.exherbo.org/syd.7.html#Immutable_Sticky_Bit #exherbo #linux #security
alip
@alip@mastodon.online
Homo Ludens. I push wood, set traps, write code and poetry. # sydbox is my problem child. I live in # Berlin . I am an # Exherbo # Linux developer. I love # chess , # freesoftware , # poetry , # perl , # c , # rustlang , and # haskell . # Antifa , # Atheist , # fckafd , and # fckakp . Don't come to me with guns, come to me with roses. # Revolution will not be broadcasted on TV. # direngezi ! https:// chesswob.org https:// git.sr.ht/~alip/jja https:// sydbox.exherbolinux.org
mastodon.online
alip
@alip@mastodon.online
Homo Ludens. I push wood, set traps, write code and poetry. # sydbox is my problem child. I live in # Berlin . I am an # Exherbo # Linux developer. I love # chess , # freesoftware , # poetry , # perl , # c , # rustlang , and # haskell . # Antifa , # Atheist , # fckafd , and # fckakp . Don't come to me with guns, come to me with roses. # Revolution will not be broadcasted on TV. # direngezi ! https:// chesswob.org https:// git.sr.ht/~alip/jja https:// sydbox.exherbolinux.org
mastodon.online
@alip@mastodon.online
·
Mar 01, 2026
0
0
0
Loading comments...