linux.git - Linux kernel source tree

diff options

author	Kees Cook <keescook@chromium.org>	2020-07-03 10:44:22 -0700
committer	Jonathan Corbet <corbet@lwn.net>	2020-07-05 14:04:45 -0600
commit	7303515ae488ce767d3155358bae505dabd9ebe1 (patch)
tree	3dc0035777144d17213d56a2115a6c6e77c5e6d8 /Documentation/dev-tools/coccinelle.rst
parent	Documentation/admin-guide: xfs: drop doubled word (diff)
download	linux-7303515ae488ce767d3155358bae505dabd9ebe1.tar.gz linux-7303515ae488ce767d3155358bae505dabd9ebe1.tar.bz2 linux-7303515ae488ce767d3155358bae505dabd9ebe1.zip

Documentation: Clarify f_cred vs current_cred() use

When making access control choices from a file-based context, f_cred must be used instead of current_cred() to avoid confused deputy attacks where an open file may get passed to a more privileged process. Add a short paragraph to explicitly state the rationale. Cc: Jonathan Corbet <corbet@lwn.net> Cc: linux-doc@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/202007031038.8833A35DE4@keescook Signed-off-by: Jonathan Corbet <corbet@lwn.net>

Diffstat (limited to 'Documentation/dev-tools/coccinelle.rst')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: