Date: Fri, 13 Mar 2015 11:37:45 +0000 From: Marek Kroemeke <kroemeke@...il.com> To: oss-security@...ts.openwall.com Subject: Re: Disabling reading of kernel log buffer reading for user http://lwn.net/Articles/414813/ echo 1 > /proc/sys/kernel/dmesg_restrict > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello List, > > After years working on Linux, I just found out, that any user not only root can read the kernel log buffer - I never even considered that this could be the case. > > As this behavior is documented and expected, this is not a security vulnerability. But to avoid things like in , I would like to disable that on my machines. > > Questions: > > * What would be the side effects of making /dev/kmesg only root accessible? Maybe syslog not able to write kmessages to log? > > * Would it be safe to disable the syslog syscall for action SYSLOG_ACTION_READ_* and all users except root and syslog? Does someone have tested selinux config for that? > > hd > > >  http://www.halfdog.net/Security/2015/HavingFunWithDmesg/ > > - -- > http://www.halfdog.net/ > PGP: 156A AE98 B91F 0114 FE88 2BD8 C459 9386 feed a bee > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iEYEARECAAYFAlUCtGQACgkQxFmThv7tq+4FFQCeN4Txgu40/tDsWGSVaK2sm7La > VusAnRUCtETL9IGmaeSyQUt2dyCQgCpV > =Krnc > -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ