On 8/3/05, Michel Dänzer <[EMAIL PROTECTED]> wrote: > On Wed, 2005-08-03 at 15:14 -0400, Jon Smirl wrote: > > On 8/3/05, Eric Anholt <[EMAIL PROTECTED]> wrote: > > > > > > These are the indirect ioctls, which allow the X Server to submit a > > > buffer of any commands it wants. You could probably build a (or extend > > > the current) verifier for the all the things the X Server has done > > > through that ioctl, but that hasn't been done. > > > > So there is probably a general security hole here if I can convice the > > Xserver to use the buffer addresses I want. > > That would require a security hole in the X server. The attacker is root > already in that case. > > > Who uses these? > > The current DDX drivers. > > > They aren't used in the mesa tree. > > So why did you change their requiring root?
The version of Xegl I am making does not run as root. It handles multiuser by letting each user run their own instance of Xegl as a normal app. To make this work I have to modify DRM to not need root priv to run. I removed the general root priv check that covered all ioctls. Now we need to review and add it back individually on the ones that need it. For example AddMap was modified to allow mesa to work without root but some of the things X does still need root. The indirect ioctls are not used by mesa. In a little while I'll put together a new patch that adds the root requirement back on those ioctls. -- Jon Smirl [EMAIL PROTECTED] ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf -- _______________________________________________ Dri-devel mailing list Dri-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dri-devel