Re: kernel ring buffer accessible by users

From: Jason Cook (jasonc@reinit.org)
Date: Tue Apr 22 2003 - 14:53:04 EST

Next message: Jörn Engel: "Re: [PATCH][ANNOUNCE] Linux 2.5.68-ce2"
Previous message: Alexey Mahotkin: "Re: [PATCH] implement __GFP_REPEAT, __GFP_NOFAIL, __GFP_NORETRY"
In reply to: Julien Oster: "kernel ring buffer accessible by users"
Next in thread: Olaf Hering: "Re: kernel ring buffer accessible by users"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Julien Oster (frodo@dereference.de) wrote:
>
> Hello,
>
> it's been quite a while that I noticed that any ordinary user, not
> just root, can type "dmesg" to see the kernel ring buffer.
>
> My question now is: Why? I often saw things in the kernel ring buffer
> which I don't want every user to know (e.g. some telephone numbers with
> ISDN).
>
> Are there any problems in just letting root get the contents of the
> kernel ring buffer?
>
> Julien
> -

grsec has an option to do this:

http://www.grsecurity.net/

-- Jason Cook | GnuPG Fingerprint: D531 F4F4 BDBF 41D1 514D GNU/Linux Engineering Lead | F930 FD03 262E 5120 BEDD evolServ Technology | Home page: http://reinit.org

cthread. cthread_fork(). Fork, thread, fork!

application/pgp-signature attachment: stored

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/

Next message: Jörn Engel: "Re: [PATCH][ANNOUNCE] Linux 2.5.68-ce2"
Previous message: Alexey Mahotkin: "Re: [PATCH] implement __GFP_REPEAT, __GFP_NOFAIL, __GFP_NORETRY"
In reply to: Julien Oster: "kernel ring buffer accessible by users"
Next in thread: Olaf Hering: "Re: kernel ring buffer accessible by users"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Apr 23 2003 - 22:00:34 EST