Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f9557fba authored by Nick Kralevich's avatar Nick Kralevich
Browse files

Set /proc/sys/kernel/dmesg_restrict to 1 

Set dmesg_restrict to 1 to help limit inadvertent information leaks
from the kernel to non-privileged programs.  Root and programs with
CAP_SYSLOG will continue to have access to dmesg output.

See "dmesg_restrict" in Documentation/sysctl/kernel.txt from the
Linux kernel source code.

Bug: 5585365
Change-Id: Iffcf060ea4bd446ab9acf62b8b61d315d4ec4633
parent 1e339a71

rootdir/init.rc

+1 −0
Original line number Diff line number Diff line
@@ -69,6 +69,7 @@ loglevel 3 
    write /proc/sys/kernel/sched_child_runs_first 0

    write /proc/sys/kernel/randomize_va_space 2

    write /proc/sys/kernel/kptr_restrict 2

    write /proc/sys/kernel/dmesg_restrict 1



# Create cgroup mount points for process groups

    mkdir /dev/cpuctl