Cheat Sheets

Security - dmesg restricted

Description

Non-root users should have no access to sensitive infos in dmesg

Solution

echo 'kernel.dmesg_restrict = 1' >/etc/sysctl.d/50-dmesg-restrict.conf && sysctl -p

Check Script: security-dmesg-restrict.sh

#!/bin/bash

if [ $(/sbin/sysctl -n kernel.dmesg_restrict) == "1" ]; then result_ok else result_failed "dmesg is not restricted to root only!" fi
Comment on Disqus