Add disclaimer of ACL duty to protect the memory of the process using it from hacking

Signed-off-by: Ramy Elgammal <ramy.elgammal@arm.com>
Resolves: COMPMID-2132
Change-Id: I76945425244202edb4aad03c1269e69c9f2608ae
Reviewed-on: https://review.mlplatform.org/c/ml/ComputeLibrary/+/7036
Tested-by: Arm Jenkins <bsgcomp@arm.com>
Comments-Addressed: Arm Jenkins <bsgcomp@arm.com>
Reviewed-by: Michalis Spyrou <michalis.spyrou@arm.com>

1 files changed, 14 insertions, 0 deletions

diff --git a/docs/user_guide/advanced.dox b/docs/user_guide/advanced.dox
index 86ee2ce756..806f4ea3b8 100644
--- a/docs/user_guide/advanced.dox
+++ b/docs/user_guide/advanced.dox
@@ -110,5 +110,19 @@ After the first run, the CLTuner's results can be exported to a file using the m
 This file can be also imported using the method "load_from_file("results.csv")".
 - tuner.load_from_file("results.csv");
 
+@section Security Concerns
+Here are some security concerns that may affect Compute Library.
+
+@subsection A process running under the same uid could read another process memory
+
+Processes running under same user ID (UID) may be able to read each other memory and running state. Hence, This can
+lead to information disclosure and sensitive data can be leaked, such as the weights of the model currently executing.
+This mainly affects Linux systems and it's the responsibility of the system owner to make processes secure against
+this vulnerability. Moreover, the YAMA security kernel module can be used to detect and stop such a trial of hacking,
+it can be selected at the kernel compile time by CONFIG_SECURITY_YAMA and configured during runtime changing the
+ptrace_scope in /proc/sys/kernel/yama.
+
+Please refer to: https://www.kernel.org/doc/html/v4.15/admin-guide/LSM/Yama.html for more information on this regard.
+
 */
 } // namespace
\ No newline at end of file