Ubuntu 20.10 Looking At Restricting Access To Kernel Logs With dmesg

Written by Michael Larabel in Ubuntu on 17 June 2020 at 06:22 AM EDT. 32 Comments
Ubuntu 20.10 will likely join other Linux distributions in restricting access to dmesg by unprivileged users.

Due to dmesg able to leak kernel addresses and other sensitive information, the plan is to not allow dmesg access for unprivileged users. We previously covered the situation more at length within In 2019, Most Linux Distributions Still Aren't Restricting Dmesg Access.

Over the past year or so, Clear Linux and other distributions have begun restricting this dmesg access via the CONFIG_SECURITY_DMESG_RESTRICT Kconfig switch for the kernel builds -- the same approach being pursued now by Canonical with Ubuntu 20.10.

Canonical's Matthew Ruffell calls this "the final security gap currently enjoyed by unprivileged users on multi-user systems" with Ubuntu already restricting access to kernel.log, syslog, and similar information logs yet dmesg on existing Ubuntu releases continues to be fully accessible.

More details on the dmesg restriction plans for Ubuntu 20.10 via Ubuntu-devel.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week