On 8/3/05, Ian Romanick <[EMAIL PROTECTED]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Jon Smirl wrote: > > On 8/3/05, Dave Airlie <[EMAIL PROTECTED]> wrote: > > > >>I'm not over-the-moon about this approach of changing the system to be > >>default allow anything and adding root checks, I'd rather it was default > >>root check and overrideable to allow non-root... > > > > I started off that way but then I figured out that very few ioctl need > > to require root. That would require adding about 70 root checks and > > then turning around and eliminating most of them immediately since > > mesa uses almost all of the ioctls (indirect is the only exception I > > know of) We can get the same effect just by inspecting the list of > > ioctls. > > The difference being that you can incrementally remove root-checks > without compromising the system. The same cannot be said for > incrementally adding them.
Alright I will add them, but I am not convinced we will learn anything about where the vulnerabilities are. But it will have the effect of leaving the non-radeon drivers as root only until they are converted for EGL use. > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.6 (GNU/Linux) > Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org > > iD8DBQFC8WfyX1gOwKyEAw8RAsl8AJ9BpLonnpNTdETFS/C5zmHAxr/9gwCcD0wa > mab3pazwkd13LCmYcDgFAUM= > =C9NI > -----END PGP SIGNATURE----- > -- Jon Smirl [EMAIL PROTECTED] ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf -- _______________________________________________ Dri-devel mailing list Dri-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dri-devel
