01/01: gnu: linux-libre: Restrict ‘dmesg’ to privileged users.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/01: gnu: linux-libre: Restrict ‘dmesg’ to privileged users.

From:	guix-commits
Subject:	01/01: gnu: linux-libre: Restrict ‘dmesg’ to privileged users.
Date:	Fri, 26 Jul 2019 19:18:37 -0400 (EDT)

nckx pushed a commit to branch master
in repository guix.

commit 24446ce299943efe3dfded6c9dd0cf9421d8da04
Author: Tobias Geerinckx-Rice <address@hidden>
Date:   Wed Jul 17 09:09:15 2019 +0200

    gnu: linux-libre: Restrict ‘dmesg’ to privileged users.
    
    * gnu/packages/linux.scm (%default-extra-linux-options):
    Set CONFIG_SECURITY_DMESG_RESTRICT.
---
 gnu/packages/linux.scm | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 5288328..4689c61 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -561,7 +561,9 @@ for ARCH and optionally VARIANT, or #f if there is no such 
configuration."
     (search-auxiliary-file file)))
 
 (define %default-extra-linux-options
-  `(;; Modules required for initrd:
+  `(;; Some very mild hardening.
+    ("CONFIG_SECURITY_DMESG_RESTRICT" . #t)
+    ;; Modules required for initrd:
     ("CONFIG_NET_9P" . m)
     ("CONFIG_NET_9P_VIRTIO" . m)
     ("CONFIG_VIRTIO_BLK" . m)

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (4b03565 -> 24446ce), guix-commits, 2019/07/26
- 01/01: gnu: linux-libre: Restrict ‘dmesg’ to privileged users., guix-commits <=

Prev by Date: branch master updated (4b03565 -> 24446ce)
Next by Date: branch master updated (24446ce -> 76b9672)
Previous by thread: branch master updated (4b03565 -> 24446ce)
Next by thread: branch master updated (24446ce -> 76b9672)
Index(es):
- Date
- Thread