* Julien Oster (frodo@dereference.de) wrote:
> 
> Hello,
> 
> it's been quite a while that I noticed that any ordinary user, not
> just root, can type "dmesg" to see the kernel ring buffer.
> 
> My question now is: Why? I often saw things in the kernel ring buffer
> which I don't want every user to know (e.g. some telephone numbers with
> ISDN).
> 
> Are there any problems in just letting root get the contents of the
> kernel ring buffer?
> 
> Julien
> -

grsec has an option to do this:

http://www.grsecurity.net/

-- 
Jason Cook                 |  GnuPG Fingerprint: D531 F4F4 BDBF 41D1 514D
GNU/Linux Engineering Lead |                     F930 FD03 262E 5120 BEDD
evolServ Technology        |  Home page: http://reinit.org

cthread.  cthread_fork().  Fork, thread, fork!