On Tue, 19 May 2020, Kees Cook wrote: > > /* SELinux context only depends on initial program or script and not > > * the script interpreter */ > > - if (bprm->called_set_creds) > > - return 0; > > > > old_tsec = selinux_cred(current_cred()); > > new_tsec = selinux_cred(bprm->cred); > > As you've done in the other LSMs, I think this comment can be removed > (or moved to the top of the function) too.
I'd prefer moved to top of the function. -- James Morris <[email protected]>
