Hi!
Sorry for the double posting. This is a thing that needs to be discussed in both communities.
The via DRM has started it's journey into the linus kernel, but the 3D driver / DDX still suffers
from a security flaw:
When the MMIO area is exported read-write it is assumed possible for a dri client to manipulate registers to
blit otherwise protected areas of the system memory to video memory. It is the DDX that tells the DRM whether to export the MMIO area read-only or read-write. The OpenGL 3D driver unichrome_dri.so currently needs write access to this area, until someone fixes it up to use register writing ioctls now present in the via drm.
The obvious fix is for the DDX to tell DRM to export the MMIO area as read-only. In this way a normal user would get a segfault when trying to run accelerated OpenGL, while it would work as root.
This sort of thing has been discussed in the past, going all the way back to UtahGLX, which had a root-only direct rendering system of sorts.
The trouble with doing this, and this was well established in UtahGLX, is that if you make a high-performance path available only to root, you get people running as root when they ordinarily wouldn't do so in order to access that performance path. Specifically, you're encouraging people to run binary-only games & toys with full superuser permissions.
This is actually worse than a DRM model with theoretical insecurities - under that model a program would have to be cleverly crafted to expose and exploit the insecurity. Under this "run games as root" model, all of a sudden games have to be cleverly crafted and audited to *avoid* exposing insecurities...
Nobody has done a security audit on q3 that would allow you to feel comfortable running it as root, to my knowledge...
Keith
------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl -- _______________________________________________ Dri-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/dri-devel
