Documentation: Clarify f_cred vs current_cred() use - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Kees Cook <[email protected]>	2020-07-03 10:44:22 -0700
committer	Jonathan Corbet <[email protected]>	2020-07-05 14:04:45 -0600
commit	7303515ae488ce767d3155358bae505dabd9ebe1 (patch)
tree	3dc0035777144d17213d56a2115a6c6e77c5e6d8 /tools/perf/scripts/python/bin/stackcollapse-record
parent	559394d3045ec31d0812fac3d6d603bfcb30f2ac (diff)

Documentation: Clarify f_cred vs current_cred() use

When making access control choices from a file-based context, f_cred must be used instead of current_cred() to avoid confused deputy attacks where an open file may get passed to a more privileged process. Add a short paragraph to explicitly state the rationale. Cc: Jonathan Corbet <[email protected]> Cc: [email protected] Signed-off-by: Kees Cook <[email protected]> Link: https://lore.kernel.org/r/202007031038.8833A35DE4@keescook Signed-off-by: Jonathan Corbet <[email protected]>

Diffstat (limited to 'tools/perf/scripts/python/bin/stackcollapse-record')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: