What | Removed | Added |
---|---|---|
CC | security-team@suse.de | |
Flags | needinfo?(security-team@suse.de) |
From the discussion in opensuse-factory mailing list (which I wasn't aware of when I wrote comment 5 yesterday), it is apparent that there are users who believe dmesg access should be restricted by default. I don't have a strong opinion in either direction but would be slightly inclined to have the access restricted. Before proceeding further, let's as the security team for their opinion. The question is: should access to dmesg be restricted to root as it is in SLE (CONFIG_SECURITY_DMESG_RESTRICT=y) or should it be left unrestricted as it used to be in all openSUSE kernels until the recent accidental change in Tumbleweed and Leap 15.2?