The Red Hat Enterprise Linux operating system must restrict access to the kernel message buffer.

An XCCDF Rule

Description

Restricting access to the kernel message buffer limits access only to root. This prevents attackers from gaining additional system information as a non-privileged user.

ID: SV-255927r880791_rule
Version: RHEL-07-010375
Severity: Low
References: CCI-001090
Updated: 15 days ago

Remediation Templates

Configure the operating system to restrict access to the kernel message buffer.

Set the system to the required kernel parameter by adding or modifying the following line in /etc/sysctl.conf or a config file in the /etc/sysctl.d/ directory:

     kernel.dmesg_restrict = 1
Remove any configurations that conflict with the above from the following locations: 
     /run/sysctl.d/
     /etc/sysctl.d/
     /usr/local/lib/sysctl.d/
     /usr/lib/sysctl.d/
     /lib/sysctl.d/
     /etc/sysctl.conf

Reload settings from all system configuration files with the following command:

     $ sudo sysctl --system

The Red Hat Enterprise Linux operating system must restrict access to the kernel message buffer.

Description

Remediation Templates

A Manual Procedure