On Tue, 2010-11-16 at 13:16 -0800, Kees Cook wrote: > On Tue, Nov 16, 2010 at 10:04:55PM +0100, Soren Hansen wrote: > > On 16-11-2010 18:50, Kees Cook wrote: > > > I figure we could add a useful error message to "dmesg" to provide > > > education about the change, which would suggest using "sudo" or > > > pointing people to the new /proc/sys/kernel/dmesg_restrict sysctl. > > > > Have we gotten any kind of feedback on the similar changes that were > > made to strace? > > Not a peep that I'm aware of. I am assuming that the verbose errors out > of strace, ltrace, and gdb were enough to address it, though maybe there > won't be noise until the restriction is in an LTS version.
Well, I find it annoying, but a reasonable default. Perhaps we could
have a package "insecure-developer-workstation" that would set all of
these little debugging nicities back to "1" on startup? That way I
wouldn't have to keep up on all of them :)
I'd even have it install the first time you install a "-dev" package,
but that might be a little extreme.
--Ted
signature.asc
Description: This is a digitally signed message part
-- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
