| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 9 Nov 2010 04:27:47 -0800 From: Arjan van de Ven <arjan@...radead.org> To: Dan Rosenberg <drosenberg@...curity.com> Cc: Ingo Molnar <mingo@...e.hu>, linux-kernel@...r.kernel.org, security@...nel.org, stable@...nel.org, Andrew Morton <akpm@...ux-foundation.org> Subject: Re: [PATCH] Restrict unprivileged access to kernel syslog On Tue, 09 Nov 2010 07:11:12 -0500 Dan Rosenberg <drosenberg@...curity.com> wrote: > > > > > The initialization to zero is implicit, no need to write it out. > > > > I'll resend after the first round of comments. > > > Also, it would also be useful to have a > > CONFIG_SECURITY_RESTRICT_DMESG=y option introduced by your patch as > > well, which flag allows a distro or user to disable unprivileged > > syslog reading via the kernel config. > > Are you suggesting having the existence of the sysctl depend on > CONFIG_SECURITY_RESTRICT_DMESG, or having a choice between a sysctl > (when config is disabled) and having restrictions always on (when > config is enabled)? and/or have the sysctl default value depend on the config option -- Arjan van de Ven Intel Open Source Technology Centre For development, discussion and tips for power savings, visit http://www.lesswatts.org -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists