From 11d91322beffcb4c420dc5e086782b20732ac6fe Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Thu, 3 Jan 2019 16:38:56 +0100
Subject: T1151: elevate permissions when accessing kernel ring buffer

The kernel syslog contains debugging information that is often useful during
exploitation of other vulnerabilities, such as kernel heap addresses. Rather
than futilely attempt to sanitize hundreds (or thousands) of printk statements
and simultaneously cripple useful debugging functionality, it is far simpler
to create an option that prevents unprivileged users from reading the syslog.

For more information please refer to: https://lwn.net/Articles/414813/
---
 templates/show/system/kernel-messages/node.def | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'templates')

diff --git a/templates/show/system/kernel-messages/node.def b/templates/show/system/kernel-messages/node.def
index 6f41ae3..9a9229b 100644
--- a/templates/show/system/kernel-messages/node.def
+++ b/templates/show/system/kernel-messages/node.def
@@ -1,2 +1,2 @@
 help: Show messages in kernel ring buffer
-run: dmesg
+run: sudo dmesg
-- 
cgit v1.2.3