diff options
Diffstat (limited to 'man5/proc.5')
| -rw-r--r-- | man5/proc.5 | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/man5/proc.5 b/man5/proc.5 index a1ae0ac181..9cdec71987 100644 --- a/man5/proc.5 +++ b/man5/proc.5 @@ -4597,6 +4597,28 @@ See See .BR pipe (7). .TP +.IR /proc/sys/fs/protected_fifos " (since Linux 4.19)" +The value in this file is/can be set to one of the following: +.RS +.TP 4 +0 +Writing to FIFOs is unrestricted. +.TP +1 +Don't allow +.B O_CREAT +.BR open (2) +on FIFOs that the caller doesn't own in world-writable sticky directories, +unless the FIFO is owned by the owner of the directory. +.TP +2 +As for the value 1, +but the restriction also applies to group-writable sticky directories. +.RE +.IP +The intent of the above protections is to avoid unintentional writes to an +attacker-controlled FIFO when a program expected to create a regular file. +.TP .IR /proc/sys/fs/protected_hardlinks " (since Linux 3.6)" .\" commit 800179c9b8a1e796e441674776d11cd4c05d61d7 When the value in this file is 0, |