Skip to content

SLEM 5 must restrict access to the kernel message buffer.

An XCCDF Rule

Description

Restricting access to the kernel message buffer limits access only to root. This prevents attackers from gaining additional system information as a nonprivileged user.

ID
SV-261269r996301_rule
Version
SLEM-05-213010
Severity
Medium
References
Updated

Remediation Templates

A Manual Procedure

Configure SLEM 5 to restrict access to the kernel message buffer.

Set the system to the required kernel parameter by adding or modifying the following line in /etc/sysctl.conf or a config file in the /etc/sysctl.d/ directory:

kernel.dmesg_restrict = 1