Bug#867747: marked as done (/var/log/dmesg world-readable despite kernel.dmesg_restrict = 1)

Thu, 14 Feb 2019 13:24:22 -0800 

Your message dated Thu, 14 Feb 2019 21:22:51 +0000
with message-id <[email protected]>
and subject line Bug#867747: fixed in sysvinit 2.93-9
has caused the Debian Bug report #867747,
regarding /var/log/dmesg world-readable despite kernel.dmesg_restrict = 1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
867747: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867747
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: rsyslog
Version: 8.24.0-1
Severity: normal
Tags: security

According to https://wiki.debian.org/NewInStretch 'dmesg' should require
superuser privileges.
/var/log/dmesg is world-readable which might undermine the restriction set by
kernel.dmesg_restrict = 1.



-- System Information:
Debian Release: 9.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), 
LANGUAGE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages rsyslog depends on:
ii  init-system-helpers  1.48
ii  libc6                2.24-11+deb9u1
ii  libestr0             0.1.10-2
ii  libfastjson4         0.99.4-1
ii  liblogging-stdlog0   1.0.5-2+b2
ii  liblognorm5          2.0.1-1.1+b1
ii  libsystemd0          232-25
ii  libuuid1             2.29.2-1
ii  lsb-base             9.20161125
ii  zlib1g               1:1.2.8.dfsg-5

Versions of packages rsyslog recommends:
ii  logrotate  3.11.0-0.1

Versions of packages rsyslog suggests:
pn  rsyslog-doc                    <none>
pn  rsyslog-gnutls                 <none>
pn  rsyslog-gssapi                 <none>
pn  rsyslog-mongodb                <none>
pn  rsyslog-mysql | rsyslog-pgsql  <none>
pn  rsyslog-relp                   <none>

-- no debconf information

--- End Message ---
--- Begin Message --- 
Source: sysvinit
Source-Version: 2.93-9

We believe that the bug you reported is fixed in the latest version of
sysvinit, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Dmitry Bogatov <[email protected]> (supplier of updated sysvinit package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 14 Feb 2019 20:55:23 +0000
Source: sysvinit
Architecture: source
Version: 2.93-9
Distribution: experimental
Urgency: medium
Maintainer: Debian sysvinit maintainers 
<[email protected]>
Changed-By: Dmitry Bogatov <[email protected]>
Closes: 867747
Changes:
 sysvinit (2.93-9) experimental; urgency=medium
 .
   * Ensure predictable permission on /var/log/dmesg. (Closes: #867747)
Checksums-Sha1:
 37c314333b87e7032cc12fd358884e766bfbd859 2657 sysvinit_2.93-9.dsc
 87cf71b7c5ec1a1d37f504f2018dcc039705fd2b 127884 sysvinit_2.93-9.debian.tar.xz
 f76bcfd7d51a38a78e57ee227567051b060176e2 5674 sysvinit_2.93-9_source.buildinfo
Checksums-Sha256:
 0582c6d87aae9addbfd5cc4f28f01b87864544390b2e8b75d397ae5344c69836 2657 
sysvinit_2.93-9.dsc
 b84e42fad520d49010b8431819226f767670c980216a5b0a14128c0822da7480 127884 
sysvinit_2.93-9.debian.tar.xz
 813217db7812128b5673d3378be273eb37a6f0f535bf3b9640227bfb561b43f4 5674 
sysvinit_2.93-9_source.buildinfo
Files:
 ff4bf9d940040c9b7c52b273521912af 2657 admin optional sysvinit_2.93-9.dsc
 8b96351eb7fe178385fadeb23225b8f9 127884 admin optional 
sysvinit_2.93-9.debian.tar.xz
 e4f5bd08a172201fd4542096dbcd57fa 5674 admin optional 
sysvinit_2.93-9_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJHBAEBCgAxFiEEhnHVzDbtdH7ktKj4SBLY3qgmEeYFAlxl1xQTHGthY3Rpb25A
ZGViaWFuLm9yZwAKCRBIEtjeqCYR5ngBD/9yiLy+Kkl65qulozn3kBQfN1VSYjLD
lI9abb0/nt2b6aAtFmrb9qUVdtQtwyDnlLtFfcOU8GZIle0etzrZZypwOxDhLW87
Mjnh4N0LpZW9hBJLghbnJ0wBm9tkophHzB8072yNQwFNIHZ36Rnqawxs+7x1Gc85
mqbxYeCvCbFmbyOAJHmDxpWjEM6nR5Tnr8ozRiwRSwLlK2bMSbeH0vluBL2z6R5I
jX3fbsgcSSpT6KNNimISJa4mllARCOk3PQ0Yv+IGhmcEW5LmrUbfDl1SWWZocuXe
qFDDFsgwruVSunHAuLFOmzfb4dxAwg00M6J2Rb2qc4RIUtJr9wbIjeBnUNvxz4VV
RspuedzEmcxs5ZdPFl3OaDVcsLDoZeYZw02hnsuFcuS6K7uVqLJThZhyAFbX7f0Z
jPR+zAD1y5NDfipHcdgCN5jk/bZaUQw5khWVKvyuNNpPOOszEZWd0BNpmLrK9qA7
+V05GEXlu33bcxW+elPJ6OtGq2ZcwZ+9dI51/ynnEXcOI+afbsThRrQqCa7Wg/yN
rSVI7CZl97G0Bn5gkYIJX0+r7K6iNDw7n+f08W5kC1465sLfyBS/aoOEGnaZ5mZn
5CJb/o+EfBj4gmDNR2gT5NQMtWDjie2fqLKjLX/SCnvw90YQc23qkv3XMIU9nEFT
qbfdUb2Iefkbew==
=jD98
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to