OSSForks/tensorflow
1
0
Fork 0
mirror of https://github.com/zebrajr/tensorflow.git synced 2025-12-06 12:20:11 +01:00
Code Issues Actions 5 Packages Projects Releases Wiki Activity

Update SECURITY.md

Browse Source
This commit is contained in:
Mark Daoust 2023-06-23 07:25:50 -07:00 committed by GitHub
parent d0095f87c1
commit 88f4f07f76
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
SECURITY.md
View File

@ -232,7 +232,7 @@ rules](https://bughunters.google.com/about/rules/6521337925468160/google-open-so
`tf.raw_ops.xxx` symbols is the best way to uncover code weakness, please bear
in mind that this is not a typical use case that has security implications. It is
better to try to translate the vulnerability to something that can be exploited
during training or inference of a model (i.e., build a model tha when given a
during training or inference of a model (i.e., build a model that when given a
specific input would produce unwanted behavior). Alternatively, if the
TensorFlow API is only used in ancillary tooling, consider the environment where
the tool would run. For example, if `saved_model_cli` tool would crash on