Articles & Reviews
News Archive
Forums
Premium
Contact
Categories

Computers Display Drivers Graphics Cards Linux Gaming Memory Motherboards Processors Software Storage Operating Systems Peripherals

Clear Linux Moving Ahead With Blocking dmesg Access For Non-Root Users

Written by Michael Larabel in Clear Linux on 1 June 2019 at 06:31 PM EDT. 49 Comments

CLEAR LINUX

Most Linux distributions allow unfettered access to dmesg for seeing the kernel log outputs, but seeing as kernel addresses can be dumped to this output and could be exploited by bad actors, Clear Linux is joining the select few Linux distributions so far blocking non-root users from seeing this output mostly used for debugging purposes.

Back in April I wrote about their plans for blocking dmesg access via the Linux kernel's CONFIG_SECURITY_DMESG_RESTRICT Kconfig build time switch. After evaluating the plan, they indeed are going ahead with it where only root/sudo users will be able to see the dmesg output. This also impacts container users as well as there even if you are the root user in a container you will now no longer be able to see the kernel logs of the host.

We'll see if other Linux distributions jump on board with restricting dmesg access to help kernel memory addresses from potentially being exposed.

More details on Clear Linux's enabling of SECURITY_DMESG_RESTRICT can be found via this mailing list post.

49 Comments

Related News

Clear Linux Will Now Handle Up To 512 CPU Cores / vCPUs

Intel's Clear Linux Taps -O3 For Its Kernel Builds

Clear Linux Container Performance Continues Showing Sizable Gains

Using Distrobox To Augment The Package Selection On Clear Linux, Other Distributions

Clear Linux Preparing To Move To GNOME 3.36, Dropping Their Desktop Customizations

Intel's Clear Linux To Divest From The Desktop, Focus On Server + Cloud Workloads

About The Author

Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week

Firefox 109 vs. Chrome 109 Browser Benchmarks On Ubuntu Linux + Core i9 13900K

Debian 12 "Bookworm" Hits Its First Freeze

Linux 6.3 To Remove Obsolete GPU Drivers: ATI Rage 128, 3Dfx, S3 Savage, i810 & More

helloSystem 0.8 Released As macOS Inspired FreeBSD Desktop OS

KDE Plasma 5.27 Beta Released With Tiling & Multi-Monitor Improvements

NVIDIA 525.85.05 Linux Driver Brings Few Fixes

Linux 6.2-rc5 Released - The Kernel Will Most Likely Be Extended Through 6.2-rc8

RADV Receives Patches To Help With Less Stuttering For Zink