John, can you take a look at this? I think you need to lookup the user/group from the cred on the socket and verify the user has the permissions to view the logs.
I've tentatively assigned this to John, but please feel free to reassign. I think this needs a CVE. Please don't discuss in public or make public commits until the security team comments further on this bug.
Thanks for the report!
John, can you take a look at this? I think you need to lookup the user/group from the cred on the socket and verify the user has the permissions to view the logs.
I've tentatively assigned this to John, but please feel free to reassign. I think this needs a CVE. Please don't discuss in public or make public commits until the security team comments further on this bug.