Hi Folks! We’ve just published a security advisory about osquery. An osquery administrator with access to osquery’s distributed read/write interface or configuration file can read/write/modify arbitrary sqlite databases on disk. This has been patched in github, and will be included in the impending 4.6.0 release. Advisory at https://github.com/osquery/osquery/security/advisories/GHSA-4g56-2482-x7q8 If you have any questions, feel free to reach out here or via DM.

This falls into that annoying an "Admin can do Admin Stuff" category but thanks for the quick fix.