diff -up ./Documentation/sysctl/kernel.txt.dr ./Documentation/sysctl/kernel.txt
--- ./Documentation/sysctl/kernel.txt.dr	2012-07-31 07:35:45.000000000 -0400
+++ ./Documentation/sysctl/kernel.txt	2012-07-31 08:31:06.000000000 -0400
@@ -141,9 +141,9 @@ This toggle indicates whether unprivileg
 dmesg(8) to view messages from the kernel's log buffer.  When
 dmesg_restrict is set to 0 there are no restrictions.  When
 dmesg_restrict is set to 1, users must have CAP_SYS_ADMIN to use
-dmesg(8) on the hardware node and CAP_VE_SYS_ADMIN in containers
-(so that the in-container root may view that container's kernel
-messages such as from iptables).
+dmesg(8) on the hardware node.
+Inside containers dmesg_restrict is ignored becasue virtualized dmesg buffer
+contains safe kernel messages only.
 
 The kernel config option CONFIG_SECURITY_DMESG_RESTRICT sets the default
 value of dmesg_restrict.