Kees Cook wrote:
Regardless of the outcome for "cp", it seems like turning off this
restriction on the system you're doing this on would be the best
short-term solution. It sounds like you're not using a Debian or
Ubuntu system which carries defaults in /etc/sysctl.d/ files.
----
That where the user's mods can go. There are 6 other
locations w/5 of those being directories to check. Found the
culprit in /usr/lib/sysctl.d/50-defaults (comment inside was
'distribution defaults').
So opensuse went with the other lemmings... and made it
a default. Have already reviewed and expunged unwanted settings.
Fedora's
systemd likes to put defaults into /lib/sysctl.d, if that helps you
track it down. I think systemd recognizes /etc/sysctl.d for overriding
settings in /lib/sysctl.d, so you might be able to set it there
instead.
----
You might find they are moving it to /usr/lib as well --
supposedly that's why suse is doing it.
