[grsec] Feature suggestion

[azurIt]

Hi,

we are having little problems with symlinks and security (well, these two things were always doing problems when needed togater). One example can be seen here:
https://forums.proftpd.org/smf/index.php?topic=11225.new

To make things short - we would like to deny creating of symlinks to our users. Not all applications can disallow this so it would be best to make it on kernel level. What about to make a feature in grsecurity which will work similar to TPE? Create a group which is able/not able to _create_ symlinks. What do you think?

azur