Enabling the kernel's DMESG_RESTRICT feature

Martin Pitt martin.pitt at ubuntu.com
Wed May 25 19:36:16 UTC 2011


Kees Cook [2011-05-25 12:01 -0700]:
> On Wed, May 25, 2011 at 08:27:01PM +0200, Martin Pitt wrote:
> > One word: attach_root_command_outputs() :)
> > 
> > Hooks can and should use this apport.hookutils function if they have
> > several log files to attach.
> 
> But the existing code for attach_dmesg() doesn't really fold into that very
> well since it's reading the old /var/log/dmesg file, then running "dmesg"
> itself, etc.

You can actually run attach_root_command_outputs() several times in a
row, and the subsequent times it won't ask for another password, but
retain the sudo ticket. That just doesn't work for
root_command_output() as that also captures stderr (and then sudo
doesn't have any remaining tty any more to get the ticket from).

So if needed, you can implement attach_dmesg() with
attach_root_command_outputs().

But aside from that I do agree with Steve that it both seems a lot
safer as well as more convenient and less intrusive to just filter out
the address from the printk in the first place, instead of disallowing
non-admins to see some useful debugging (like errors on removable disk
drives, what the heck is currently wrong with their wifi, etc.)

Martin

-- 
Martin Pitt                        | http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)


