Hi On Mon, Aug 17, 2020 at 03:50:37PM +1200, Matthew Ruffell wrote: > 2) Following changes to /bin/dmesg permissions in package 'util-linux' > - Ownership changes to root:adm > - Permissions changed to 0750 (-rwxr-x---)
You mean 0754? > - Add cap_syslog capability to binary. Can someone please confirm that filesystem capabilities are restricted to the current user namespace? Otherwise this could allow stuff like containers to read host status. What happens if using capabilities fail? Bastian -- Captain's Log, star date 21:34.5...
