Date: Mon, 20 Oct 2025 16:10:18 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 272552] Fix /var/log/messages and /var/run/dmesg.boot permissions when disabling read_msgbuf in the installer's hardening menu Message-ID: <bug-272552-227-3UzbcNwac9@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-272552-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272552 --- Comment #8 from commit-hook@FreeBSD.org --- A commit in branch stable/15 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=fa2e886206f41b4ce652377a6da163103ef25351 commit fa2e886206f41b4ce652377a6da163103ef25351 Author: Jose Luis Duran <jlduran@FreeBSD.org> AuthorDate: 2025-10-17 14:34:55 +0000 Commit: Jose Luis Duran <jlduran@FreeBSD.org> CommitDate: 2025-10-20 16:04:35 +0000 rc: dmesg: Allow umask to be configurable Allow umask to be configurable. Being able to set the umask via an rc variable is useful when setting: security.bsd.unprivileged_read_msgbuf=0 As it allows a user to configure: dmesg_umask="066" Without modifying the rc script, and preventing the contents of the $dmesg_file (/var/run/dmesg.boot) from being publicly readable. PR: 272552 Reviewed by: netchild MFC after: 2 days Differential Revision: https://reviews.freebsd.org/D53169 (cherry picked from commit edadbc6ee95570627679f3bc14a1d5476d0ce339) libexec/rc/rc.conf | 1 + libexec/rc/rc.d/dmesg | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) -- You are receiving this mail because: You are the assignee for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-272552-227-3UzbcNwac9>