[LEDE-DEV] [PATCH 1/3] kernel: Restrict dmesg output to root.
Rosen Penev
rosenp at gmail.com
Fri Mar 30 15:18:02 PDT 2018
In typical OpenWrt setups, there are no other users that have a shell spawned for them by default.
This can be overriden by the kernel.dmesg_output syssctl.
Signed-off-by: Rosen Penev <rosenp at gmail.com>
---
target/linux/generic/config-3.18 | 2 +-
target/linux/generic/config-4.14 | 2 +-
target/linux/generic/config-4.4 | 2 +-
target/linux/generic/config-4.9 | 2 +-
4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/target/linux/generic/config-3.18 b/target/linux/generic/config-3.18
index 04245531f6..0f66960fdc 100644
--- a/target/linux/generic/config-3.18
+++ b/target/linux/generic/config-3.18
@@ -3284,7 +3284,7 @@ CONFIG_SCSI_PROC_FS=y
# CONFIG_SECCOMP is not set
# CONFIG_SECURITY is not set
# CONFIG_SECURITYFS is not set
-# CONFIG_SECURITY_DMESG_RESTRICT is not set
+CONFIG_SECURITY_DMESG_RESTRICT=y
# CONFIG_SEEQ8005 is not set
CONFIG_SELECT_MEMORY_MODEL=y
# CONFIG_SENSORS_ABITUGURU is not set
diff --git a/target/linux/generic/config-4.14 b/target/linux/generic/config-4.14
index a27198335d..8a1e494429 100644
--- a/target/linux/generic/config-4.14
+++ b/target/linux/generic/config-4.14
@@ -3999,7 +3999,7 @@ CONFIG_SCSI_PROC_FS=y
CONFIG_SECTION_MISMATCH_WARN_ONLY=y
# CONFIG_SECURITY is not set
# CONFIG_SECURITYFS is not set
-# CONFIG_SECURITY_DMESG_RESTRICT is not set
+CONFIG_SECURITY_DMESG_RESTRICT=y
CONFIG_SELECT_MEMORY_MODEL=y
# CONFIG_SENSORS_ABITUGURU is not set
# CONFIG_SENSORS_ABITUGURU3 is not set
diff --git a/target/linux/generic/config-4.4 b/target/linux/generic/config-4.4
index 3285000eb4..d29f27d747 100644
--- a/target/linux/generic/config-4.4
+++ b/target/linux/generic/config-4.4
@@ -3423,7 +3423,7 @@ CONFIG_SCSI_PROC_FS=y
CONFIG_SECTION_MISMATCH_WARN_ONLY=y
# CONFIG_SECURITY is not set
# CONFIG_SECURITYFS is not set
-# CONFIG_SECURITY_DMESG_RESTRICT is not set
+CONFIG_SECURITY_DMESG_RESTRICT=y
CONFIG_SELECT_MEMORY_MODEL=y
# CONFIG_SENSORS_ABITUGURU is not set
# CONFIG_SENSORS_ABITUGURU3 is not set
diff --git a/target/linux/generic/config-4.9 b/target/linux/generic/config-4.9
index 3f050c205c..1cc607d4dd 100644
--- a/target/linux/generic/config-4.9
+++ b/target/linux/generic/config-4.9
@@ -3766,7 +3766,7 @@ CONFIG_SCSI_PROC_FS=y
CONFIG_SECTION_MISMATCH_WARN_ONLY=y
# CONFIG_SECURITY is not set
# CONFIG_SECURITYFS is not set
-# CONFIG_SECURITY_DMESG_RESTRICT is not set
+CONFIG_SECURITY_DMESG_RESTRICT=y
CONFIG_SELECT_MEMORY_MODEL=y
# CONFIG_SENSORS_ABITUGURU is not set
# CONFIG_SENSORS_ABITUGURU3 is not set
--
2.16.3
More information about the Lede-dev
mailing list