[PATCH] Prevent unpriv user from reading the message buffer
dillon at apollo.backplane.com
Thu Sep 29 13:39:05 PDT 2005
:I ported the security.bsd.unprivileged_read_msgbuf from FreeBSD. This
:sysctl prevents unprivileged users from reading the message buffer. A
:nice feature especially for machines with lot of shell users :)
:With kern.unprivileged_read_msgbuf=1 (default)
:Copyright (c) 2003, 2004, 2005 The DragonFly Project.
:dmesg: sysctl kern.msgbuf: Operation not permitted
:I added the sysctl now under kern, but I think a sysctl named security
:would be a good idea for such options?!
Pretty good, I will commit it with some changes. I am going to
allow wheel group to access the message log in addition to the
More information about the Submit