guix-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

We should disable dmesg for unprivileged users by default


From: Alex Vong
Subject: We should disable dmesg for unprivileged users by default
Date: Sat, 13 Jul 2019 09:45:21 +0800
User-agent: mu4e 1.2.0; emacs 26.2

Hello Guix,

I think we should set /proc/sys/kernel/dmesg_restrict to 1 by default to
prevent unprivileged users from reading the kernel ring buffer (since it
could expose sensitive information about the system).

Debian does this. I don't know about other distros.

Cheers,
Alex

Attachment: signature.asc
Description: PGP signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]