[linux] 02/03: security,printk: Enable SECURITY_DMESG_RESTRICT
debian-kernel at lists.debian.org
debian-kernel at lists.debian.org
Fri Oct 7 02:13:03 UTC 2016
This is an automated email from the git hooks/post-receive script.
benh pushed a commit to branch master
in repository linux.
commit f3b836ba7cb6ef1fbaeff6e0ba33d4b1bde79bff
Author: Ben Hutchings <ben at decadent.org.uk>
Date: Fri Oct 7 02:57:54 2016 +0100
security,printk: Enable SECURITY_DMESG_RESTRICT
This prevents non-root users reading the kernel log by default (sysctl:
kernel.dmesg_restrict)
---
debian/changelog | 2 ++
debian/config/config | 1 +
2 files changed, 3 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index 99d9c69..8e70b47 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -19,6 +19,8 @@ linux (4.8-1~exp1) UNRELEASED; urgency=medium
* [powerpc*/*64*] Enable OPAL_PRD, MTD, MTD_POWERNV_FLASH as modules
(Closes: #838604, #838605)
* Compile with gcc-6 on all architectures
+ * security,printk: Enable SECURITY_DMESG_RESTRICT, preventing non-root users
+ reading the kernel log by default (sysctl: kernel.dmesg_restrict)
-- Ben Hutchings <ben at decadent.org.uk> Sat, 01 Oct 2016 21:51:33 +0100
diff --git a/debian/config/config b/debian/config/config
index 17b4e2d..4d72e3d 100644
--- a/debian/config/config
+++ b/debian/config/config
@@ -6643,6 +6643,7 @@ CONFIG_NET_KEY_MIGRATE=y
##
## file: security/Kconfig
##
+CONFIG_SECURITY_DMESG_RESTRICT=y
CONFIG_SECURITY_PERF_EVENTS_RESTRICT=y
CONFIG_SECURITY=y
CONFIG_SECURITY_NETWORK=y
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git
More information about the Kernel-svn-changes
mailing list