On Mon, Aug 11, 2008 at 01:11:33PM +0100, Matt Zimmerman wrote:
> On Mon, Aug 11, 2008 at 11:35:38AM -0000, Scott Ritchie wrote:
> > Good point. /etc/sysctl.conf should remain the standard thing to edit
> > for overrides. That can be done after/at the same time as this patch
> > though.
> >
> > Making a new file and copying the current contents of our default
> > sysctl.conf to it should be fairly simple. All we need to do then is
> > put some comments into sysctl.conf saying where the new default settings
> > are and how to override them.
> >
> > Would you like to make the change or should I prepare another patch?
>
> I can't work on this right now but am happy to review. You might also try
> Kees, since I believe he added the defaults originally.

My intention after the procps merge was to move the ubuntu-specific
sysctl items into the .d directory. It is a correct design to have the
sysctl.conf be the global override location -- the bug here is that
anything is shipped in this file.

As for the wine/min_addr thing, I'm still not very happy with the
installation of wine disabling this default -- I would much rather either
wine fix this by catching segvs, or a command is created to temporarily
disable the setting. Making it an installed default weakens security as a
whole for the entire system.

-- 
Kees Cook
Ubuntu Security Team

-- 
invoke-rc.d procps start loads /etc/syctl.d before /etc/sysctl.conf
https://bugs.launchpad.net/bugs/256025
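
The load order discussed in this thread, as an added example that is not part of the original messages or of procps: it applies the drop-in files in lexical order, then sysctl.conf last, and reports which file supplied each effective value. The file names and values are constructed, and it assumes "min_addr" in the thread refers to the `vm.mmap_min_addr` sysctl.

```python
import os
import tempfile

def parse_sysctl(text):
    """Yield (key, value) pairs from sysctl.conf-style text."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":      # blank lines and comments
            continue
        key, sep, value = line.partition("=")
        if sep:                               # ignore lines without '='
            yield key.strip(), value.strip()

def effective_settings(conf_dir, main_conf):
    """Apply conf_dir/*.conf in lexical order, then main_conf; last write wins."""
    files = sorted(os.path.join(conf_dir, name)
                   for name in os.listdir(conf_dir) if name.endswith(".conf"))
    files.append(main_conf)                   # global override file is read last
    result = {}
    for path in files:
        if not os.path.isfile(path):
            continue
        with open(path) as fh:
            for key, value in parse_sysctl(fh.read()):
                result[key] = (value, os.path.basename(path))
    return result

def demo():
    """Constructed tree: distro default, package drop-in, then an admin override."""
    with tempfile.TemporaryDirectory() as root:
        conf_dir = os.path.join(root, "sysctl.d")
        main_conf = os.path.join(root, "sysctl.conf")
        os.mkdir(conf_dir)
        samples = {                           # hypothetical file names and values
            "10-distro-defaults.conf": "# shipped default\nvm.mmap_min_addr = 65536\n",
            "30-package.conf": "; lowered by a package\nvm.mmap_min_addr = 0\n",
        }
        for name, body in samples.items():
            with open(os.path.join(conf_dir, name), "w") as fh:
                fh.write(body)
        with open(main_conf, "w") as fh:      # sysctl.conf ships with comments only
            fh.write("# local overrides go here\n")
        before = effective_settings(conf_dir, main_conf)["vm.mmap_min_addr"]
        with open(main_conf, "a") as fh:      # administrator restores the default
            fh.write("vm.mmap_min_addr = 65536\n")
        after = effective_settings(conf_dir, main_conf)["vm.mmap_min_addr"]
        return before, after

if __name__ == "__main__":
    print(demo())
```

Run against a real system's directories, the same function shows at a glance when a packaged drop-in, rather than the administrator, is the source of a lowered setting.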