Articles & Reviews
News Archive
Forums
Premium
Contact
Categories

Computers Display Drivers Graphics Cards Linux Gaming Memory Motherboards Processors Software Storage Operating Systems Peripherals

Clear Linux Moving Ahead With Blocking dmesg Access For Non-Root Users

Written by Michael Larabel in Clear Linux on 1 June 2019 at 06:31 PM EDT. 49 Comments

CLEAR LINUX

Most Linux distributions allow unfettered access to dmesg for seeing the kernel log outputs, but seeing as kernel addresses can be dumped to this output and could be exploited by bad actors, Clear Linux is joining the select few Linux distributions so far blocking non-root users from seeing this output mostly used for debugging purposes.

Back in April I wrote about their plans for blocking dmesg access via the Linux kernel's CONFIG_SECURITY_DMESG_RESTRICT Kconfig build time switch. After evaluating the plan, they indeed are going ahead with it where only root/sudo users will be able to see the dmesg output. This also impacts container users as well as there even if you are the root user in a container you will now no longer be able to see the kernel logs of the host.

We'll see if other Linux distributions jump on board with restricting dmesg access to help kernel memory addresses from potentially being exposed.

More details on Clear Linux's enabling of SECURITY_DMESG_RESTRICT can be found via this mailing list post.

49 Comments

Related News

Clear Linux Will Now Handle Up To 512 CPU Cores / vCPUs

Intel's Clear Linux Taps -O3 For Its Kernel Builds

Clear Linux Container Performance Continues Showing Sizable Gains

Using Distrobox To Augment The Package Selection On Clear Linux, Other Distributions

Clear Linux Preparing To Move To GNOME 3.36, Dropping Their Desktop Customizations

Intel's Clear Linux To Divest From The Desktop, Focus On Server + Cloud Workloads

About The Author

Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week

Linus Torvalds Injects Tabs To Thwart Kconfig Parsers Not Correctly Handling Them

Linux 6.10 To Merge NTSYNC Driver For Emulating Windows NT Synchronization Primitives

Fedora 41 Looks To "-O3" Optimizations For Its Python Build

Former Nouveau Lead Developer Joins NVIDIA, Continues Working On Open-Source Driver

APT 2.9 Released: Debian's APT 3.0 To Have A New UI With Colors, Columnar Display & More

KDE's KWin Merges Wayland Explicit Sync Support

Gentoo Linux Now An SPI Project

Open-Source Radeon Driver Enables Support For Vulkan Video H.264/H.265 Encode