As you can see from the Debian bug, there's no reasoning for setting the default to 2 other than 'probably better', but only protected_regular is increased to 2. I don't have any objection to increasing the protection, but it should happen in upstream systemd, or at least we should have specific reasoning to adjust it in Ubuntu if upstream has reasoning to not increase it (after someone proposes it upstream).
> (is it the kernel?)
the kernel defaults to 0 for both protected_regular and protected_fifo.
> Who sets the fs.protected_ regular= 2 value
that was set by the procps package, in this commit: /salsa. debian. org/debian/ procps/ -/commit/ 299f4a1a10810e2 995e666374b880b 543af8e8e4
https:/
for debian bug: /bugs.debian. org/cgi- bin/bugreport. cgi?bug= 914859
https:/
I removed that file from Ubuntu via bug: /bugs.launchpad .net/ubuntu/ +source/ procps/ +bug/1938585
https:/
As you can see from the Debian bug, there's no reasoning for setting the default to 2 other than 'probably better', but only protected_regular is increased to 2. I don't have any objection to increasing the protection, but it should happen in upstream systemd, or at least we should have specific reasoning to adjust it in Ubuntu if upstream has reasoning to not increase it (after someone proposes it upstream).
> (is it the kernel?)
the kernel defaults to 0 for both protected_regular and protected_fifo.