Announcement

Collapse
No announcement yet.

Clear Linux Moving Ahead With Blocking dmesg Access For Non-Root Users

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Clear Linux Moving Ahead With Blocking dmesg Access For Non-Root Users

    Phoronix: Clear Linux Moving Ahead With Blocking dmesg Access For Non-Root Users

    Most Linux distributions allow unfettered access to dmesg for seeing the kernel log outputs, but seeing as kernel addresses can be dumped to this output and could be exploited by bad actors, Clear Linux is joining the select few Linux distributions so far blocking non-root users from seeing this output mostly used for debugging purposes...

    http://www.phoronix.com/scan.php?pag...Blocking-Dmesg

  • #2
    please, who's in the "select"? thanks

    Comment


    • #3
      Originally posted by horizonbrave View Post
      please, who's in the "select"? thanks
      - Slackware

      Comment


      • #4
        Saw this on Debian Buster too...

        Comment


        • #5
          Originally posted by Licaon View Post
          Saw this on Debian Buster too...
          I don't ever recall this being anything but sudo as the minimum to view the output for Debian.

          Comment


          • #6
            Never trust only your OS's solution.

            Comment


            • #7
              Originally posted by debianxfce View Post
              Disable CONFIG_SECURITY_DMESG_RESTRICT in your kernel configuration and use mitigations=off in your kernel command line. Use a firewall in your router and a virus scanner in your web folders. Never trust to your OS solutions.

              https://arstechnica.com/information-...-av-detection/
              So your solution to better security is to disable kernel level protections, making your system more vulnerable and use a virus scanner that mostly looks for windows viruses.

              I use to enjoy reading your dumbass post saying xfce and debian sid is the best way to go. This is to much though. Are you fucking retarded? Seriously how fucking dumb are you?

              People that disable kernel mitigations for them selves because they don't like the performance impact is fine, they know what they are doing. But telling people to disable those mitigations to be more secure is flat out wrong. A virus scanner is not going to protect you from like 90% (number pulled out of my ass, I know) of the things that those mitigations protect you from.

              You are straight up giving out very bad advice on how to protect ones self.

              Michael I know I voted for keeping him, but after this, I was wrong he needs to be banned.

              Comment


              • #8
                Originally posted by Panda_Wrist View Post

                So your solution to better security is to disable kernel level protections, making your system more vulnerable and use a virus scanner that mostly looks for windows viruses.

                I use to enjoy reading your dumbass post saying xfce and debian sid is the best way to go. This is to much though. Are you fucking retarded? Seriously how fucking dumb are you?

                People that disable kernel mitigations for them selves because they don't like the performance impact is fine, they know what they are doing. But telling people to disable those mitigations to be more secure is flat out wrong. A virus scanner is not going to protect you from like 90% (number pulled out of my ass, I know) of the things that those mitigations protect you from.

                You are straight up giving out very bad advice on how to protect ones self.

                Michael I know I voted for keeping him, but after this, I was wrong he needs to be banned.
                He's a troll, he says stupid stuff in order to get reactions. But yeh, that kind of advice is dangerous.

                Comment


                • #9
                  At firs glance it looks like security through obscurity, but in this current situation it's okay.

                  Comment


                  • #10
                    while I do not see much of a point, I have been there, done that for you: https://youtu.be/HD6D9gNclYI?t=270 but I find it pretty annoying not to me abel to dmesg as joe user developer on my Linux desktop, ... :-/

                    Comment

                    Working...
                    X