Re: [PATCH v2 2/8] exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds
From: James Morris
Date: Tue May 19 2020 - 17:29:03 EST
On Tue, 19 May 2020, Kees Cook wrote:
> > /* SELinux context only depends on initial program or script and not
> > * the script interpreter */
> > - if (bprm->called_set_creds)
> > - return 0;
> >
> > old_tsec = selinux_cred(current_cred());
> > new_tsec = selinux_cred(bprm->cred);
>
> As you've done in the other LSMs, I think this comment can be removed
> (or moved to the top of the function) too.
I'd prefer moved to top of the function.
--
James Morris
<jmorris@xxxxxxxxx>