[ubuntu-hardened] dmesg restrict.
Kees Cook
kees at ubuntu.com
Tue Dec 18 20:30:18 UTC 2012
On Tue, Dec 18, 2012 at 08:28:22PM +0100, daniel curtis wrote:
> Ubuntu offers an interesting option to restrict dmesg? It is available
> via /proc/sys/kernel/dmesg_restrict, but the default setting is: *0*.
> Is there any way to enable it - change to *1*? When I'm trying to do
> it using sudo, I've got an error:
>
> /proc/sys/kernel/dmesg_restrict: Permission denied
I suspect you're accidentally redirecting to the file outside of sudo. For
sysctls, I recommend using the "sysctl" command:
sudo sysctl kernel.dmesg_restrict=1
or setting to be the default at boot time:
sudo -s
cat >/etc/sysctl.d/90-dmesg.conf <<EOM
# Turn on dmesg restrictions
kernel.dmesg_restrict = 1
EOM
-Kees
--
Kees Cook
More information about the ubuntu-hardened
mailing list