Hi list!
I've ported the hardlink/symlink protection of the grsecurity patch to Suse's 2.6 kernels. My patch makes it considerable harder (and sometimes impossible) to exploit insecure handling of files in /tmp. Additionally it prevents some other annoying things that an attacker could do with hard/symlinks. The patch, more details and install instructions can be found on my website (http://private.addcom.de/nordi/). Feedback is welcome!
The patch is very small and non-intrusive. The slightly changed handling of links should(!) not break existing software. At least I've been using this patch myself on a Suse 9.1 and a 9.2 machine for a couple of weeks now and haven't seen anything break that wasn't broken before ;)
Regards nordi
SHA1 checksums for the patches: Suse 9.2: d8138ce3da839aefa77a236ac0bd6436318ffc52 Suse 9.1: c7210821fa8c2ca87f2a4e2cb13646bdec36f72c