On 10/30, Eric W. Biederman wrote: > > At a bare minimum you need to perform the permission check using the > credentials of the opener of the file. Which means refactoring > kill_pid so that you can perform the permission check for killing the > application during open.
perhaps it would be simpler to do my_cred = override_creds(file->f_cred); kill_pid(...); revert_creds(my_cred); ? > But overall this looks quite reasaonble. Agreed. Oleg.