Re: [PATCH] Restrict unprivileged access to kernel syslog
From: Dan Rosenberg
Date: Tue Nov 09 2010 - 07:11:18 EST
>
> The initialization to zero is implicit, no need to write it out.
>
I'll resend after the first round of comments.
> Also, it would also be useful to have a CONFIG_SECURITY_RESTRICT_DMESG=y option
> introduced by your patch as well, which flag allows a distro or user to disable
> unprivileged syslog reading via the kernel config.
Are you suggesting having the existence of the sysctl depend on
CONFIG_SECURITY_RESTRICT_DMESG, or having a choice between a sysctl
(when config is disabled) and having restrictions always on (when config
is enabled)?
-Dan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/