sysctl.conf: prevent unintentional writes into attacker-controlled files and FIFOs
Similar to hard- and symlink protection introduced a while ago, this
patch enables protections against unintentional writes into
attacker-controlled regular files or FIFOs, where a program expected to
create new ones. This makes exploiting TOCTOU flaws harder.
See also: https://www.kernel.org/doc/Documentation/sysctl/fs.txt
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>