diff options
author | 2020-07-03 10:44:22 -0700 | |
---|---|---|
committer | 2020-07-05 14:04:45 -0600 | |
commit | 7303515ae488ce767d3155358bae505dabd9ebe1 (patch) | |
tree | 3dc0035777144d17213d56a2115a6c6e77c5e6d8 /Documentation/dev-tools/coccinelle.rst | |
parent | Documentation/admin-guide: xfs: drop doubled word (diff) | |
download | linux-7303515ae488ce767d3155358bae505dabd9ebe1.tar.gz linux-7303515ae488ce767d3155358bae505dabd9ebe1.tar.bz2 linux-7303515ae488ce767d3155358bae505dabd9ebe1.zip |
Documentation: Clarify f_cred vs current_cred() use
When making access control choices from a file-based context, f_cred
must be used instead of current_cred() to avoid confused deputy attacks
where an open file may get passed to a more privileged process. Add a
short paragraph to explicitly state the rationale.
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: linux-doc@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/202007031038.8833A35DE4@keescook
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Diffstat (limited to 'Documentation/dev-tools/coccinelle.rst')
0 files changed, 0 insertions, 0 deletions