> Right, so the pppd application is actually doing the correct thing. And a CAP_SYSLOG setuid binary that *doesn't* DTRT seems like a more immediate security hole than leaking kernel addresses. After all kptr_restrict is optional precisely because the benefit is marginal.
The interesting question is what credentials make sense for %pK outside of a seq_printf(). Does it even make sense in a generic printk? In that case, it's the permission of the syslogd that matters rather than the process generating the message. > Will wait and see what others have to say. Me, too. Dan in particular. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
