DF-0167
syscap_get INPARENT: no same-uid/same-prison authorization: info leak of capability config
Summary
sys_syscap_get INPARENT(:95-108) has no uid/prison comparison unlike syscap_set. Reads cr_caps restriction bitmask of whatever process owns p_ppid via pfind(). PID recycling -> capability config disclosure of unrelated process. Asymmetric with set which checks uid/prison.