On Wed, Jan 03, 2024 at 01:00:58PM +0800, 孟敬姿 wrote: > Hi, we suggest revisiting the capability checks in > check_syslog_permissions(). Currently CAP_SYSLOG is checked first, and > if it’s not there but there is a CAP_SYS_ADMIN, it can also pass the > check. We recommend refining this check to exclusively use CAP_SYSLOG. > Here's our reasoning for this suggestion:
Again, have you tested this? thanks, greg k-h
