[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/01: gnu: linux-libre: Restrict ‘dmesg’ to privileged users.
From: |
guix-commits |
Subject: |
01/01: gnu: linux-libre: Restrict ‘dmesg’ to privileged users. |
Date: |
Fri, 26 Jul 2019 19:18:37 -0400 (EDT) |
nckx pushed a commit to branch master
in repository guix.
commit 24446ce299943efe3dfded6c9dd0cf9421d8da04
Author: Tobias Geerinckx-Rice <address@hidden>
Date: Wed Jul 17 09:09:15 2019 +0200
gnu: linux-libre: Restrict ‘dmesg’ to privileged users.
* gnu/packages/linux.scm (%default-extra-linux-options):
Set CONFIG_SECURITY_DMESG_RESTRICT.
---
gnu/packages/linux.scm | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 5288328..4689c61 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -561,7 +561,9 @@ for ARCH and optionally VARIANT, or #f if there is no such
configuration."
(search-auxiliary-file file)))
(define %default-extra-linux-options
- `(;; Modules required for initrd:
+ `(;; Some very mild hardening.
+ ("CONFIG_SECURITY_DMESG_RESTRICT" . #t)
+ ;; Modules required for initrd:
("CONFIG_NET_9P" . m)
("CONFIG_NET_9P_VIRTIO" . m)
("CONFIG_VIRTIO_BLK" . m)