Around 20 o'clock on Jun 13, Alan Cox wrote:

> Secondly every line of code you put in the kernel has to be audited,
> analysed and can introduce security holes or crash the machine.

The same is (alas) all too true for code within the X server as well. An ideal situation would have the X server running unprivileged on top of a kernel driver that validated commands to the graphics card. That's one of the motivations for moving to a DRI-like environment for the X server. Using the OpenGL API provides that in a more "vendor neutral" way than going directly to DRI. However, even for plain 2D only X servers, I would advocate a similar driver architecture, albeit with a significantly simpler kernel module. Do everything possible in user mode, but no more.

-keith