[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
We should disable dmesg for unprivileged users by default
From: |
Alex Vong |
Subject: |
We should disable dmesg for unprivileged users by default |
Date: |
Sat, 13 Jul 2019 09:45:21 +0800 |
User-agent: |
mu4e 1.2.0; emacs 26.2 |
Hello Guix,
I think we should set /proc/sys/kernel/dmesg_restrict to 1 by default to
prevent unprivileged users from reading the kernel ring buffer (since it
could expose sensitive information about the system).
Debian does this. I don't know about other distros.
Cheers,
Alex
signature.asc
Description: PGP signature
- We should disable dmesg for unprivileged users by default,
Alex Vong <=