I have created patches for both the procps package and the util-linux package which implements the proposed changes.
You can find test packages in the following ppa: https://launchpad.net/~mruffell/+archive/ubuntu/lp1886112-test Debdiff for procps: https://paste.ubuntu.com/p/qvmHgMhXSj/ Debdiff for util-linux: https://paste.ubuntu.com/p/SYrK9xrwnP/ I have tested the packages on a Groovy daily build, and the changes function as intended. The default user, who is in the adm group can use dmesg freely, and unprivileged users can no longer access dmesg. I am looking for feedback about the maintainability of the util-linux patches, particularly about the additional burden it would place on merges performed in the future. My main worry is the additional dependency of libcap2-bin needed to set CAP_SYSLOG on /bin/dmesg. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1886112 Title: Enabling DMESG_RESTRICT in Groovy Onward To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1886112/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
