Restricting Access to Kernel Ring Buffer Messages

The kernel uses a ring buffer to surface messages for troubleshooting purposes, and these messages can be viewed by running the dmesg command.

Threat actors can use those messages to find exploits in the system, so it's considered good security practice to ensure that only users with root permissions can run the dmesg command.

On Oracle Linux 10 systems, access is restricted by default regardless of whether the system is running the Red Hat Compatible Kernel (RHCK) or the Unbreakable Enterprise Kernel (UEK) 8.