Comment 9 for bug 1989008

I agree with all the above. Unless the user is accepted by sudoers to have root priviledges, it can't use privsep to get what they want from the kernel, so this isn't an exploit.

Apart from this, I don't have any opinion whether we should disclose this bug report or not. I don't really see any security issue by this, but maybe some operators would be afraid of seeing this report.
Well, so +0.