Comment 1 for bug 1730255

Thanks for the report!

John, can you take a look at this? I think you need to lookup the user/group from the cred on the socket and verify the user has the permissions to view the logs.

I've tentatively assigned this to John, but please feel free to reassign. I think this needs a CVE. Please don't discuss in public or make public commits until the security team comments further on this bug.