Public bug reported: The CONFIG_SECURITY_DMESG_RESTRICT option is not set on the Ubuntu Pi kernels, resulting in dmesg being accessible to ordinary users.
This is in contrast to PC installs, where dmesg is now restricted to the "root" user in 20.10 onwards. The following messages from the ubuntu- devel list cover the original proposal (which proposed limiting dmesg to root:adm), and earlier discussion from 2011 (which proposed limiting dmesg to root alone, which is what was implemented in groovy): https://lists.ubuntu.com/archives/ubuntu-devel/2020-June/041063.html https://lists.ubuntu.com/archives/ubuntu-devel/2011-May/033240.html ** Affects: linux-raspi (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-raspi in Ubuntu. https://bugs.launchpad.net/bugs/1902934 Title: dmesg is not restricted in linux-raspi kernel Status in linux-raspi package in Ubuntu: New Bug description: The CONFIG_SECURITY_DMESG_RESTRICT option is not set on the Ubuntu Pi kernels, resulting in dmesg being accessible to ordinary users. This is in contrast to PC installs, where dmesg is now restricted to the "root" user in 20.10 onwards. The following messages from the ubuntu-devel list cover the original proposal (which proposed limiting dmesg to root:adm), and earlier discussion from 2011 (which proposed limiting dmesg to root alone, which is what was implemented in groovy): https://lists.ubuntu.com/archives/ubuntu-devel/2020-June/041063.html https://lists.ubuntu.com/archives/ubuntu-devel/2011-May/033240.html To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-raspi/+bug/1902934/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
