Sysctl key: kernel.dmesg_restrict

What does kernel.dmesg_restrict do?

The sysctl key kernel.dmesg_restrict can be used to configure the Linux kernel and restrict access to information from dmesg.

The kernel can be instructed to limit who can access the information provided by dmesg. Typically this is quick-win to disallow normal users from seeing sensitive data that is stored by dmesg like application crash details.

The kernel config option CONFIG_SECURITY_DMESG_RESTRICT is used to set the default value of this setting.

Values

0 - No restrictions

When dmesg_restrict is set to zero (0), there are no restrictions. This means all users can access information from dmesg.

sysctl -w kernel.dmesg_restrict=0

1 - Restricted

Changing dmesg_restrict to one (1), will restrict access to those users that have the CAP_SYSLOG capability.

sysctl -w kernel.dmesg_restrict=1