Enabling the kernel's DMESG_RESTRICT feature
Kees Cook
kees at ubuntu.com
Wed May 25 19:01:42 UTC 2011
On Wed, May 25, 2011 at 08:27:01PM +0200, Martin Pitt wrote:
> Hello Kees, all,
>
> Kees Cook [2011-05-25 10:03 -0700]:
> > Yeah, the problem is that it's not a one-time question (see the bug above),
> > so that each time we need privileges to gather data, apport will prompt for
> > the sudo password _again_. :(
>
> One word: attach_root_command_outputs() :)
>
> Hooks can and should use this apport.hookutils function if they have
> several log files to attach.
But the existing code for attach_dmesg() doesn't really fold into that very
well since it's reading the old /var/log/dmesg file, then running "dmesg"
itself, etc.
--
Kees Cook
Ubuntu Security Team
More information about the ubuntu-devel
mailing list