DragonFly submit List (threaded) for 2005-09
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

Re: [PATCH] Prevent unpriv user from reading the message buffer

From:	Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx>
Date:	Thu, 29 Sep 2005 13:37:10 -0700 (PDT)

:Moin,
:
:I ported the security.bsd.unprivileged_read_msgbuf from FreeBSD.  This 
:sysctl prevents unprivileged users from reading the message buffer.  A 
:nice feature especially for machines with lot of shell users :)
:
:With kern.unprivileged_read_msgbuf=1 (default)
:
:% dmesg
:Copyright (c) 2003, 2004, 2005 The DragonFly Project.
:[...]
:
:With kern.unprivileged_read_msgbuf=0
:
:% dmesg
:dmesg: sysctl kern.msgbuf: Operation not permitted
:
:I added the sysctl now under kern, but I think a sysctl named security 
:would be a good idea for such options?!
:
:Greets
:
:	Matthias

    Pretty good, I will commit it with some changes.  I am going to
    allow wheel group to access the message log in addition to the
    superuser.

						-Matt

References:
- [PATCH] Prevent unpriv user from reading the message buffer
  - From: Matthias Schmidt

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]