On Wed, 2005-08-03 at 15:02 -0400, Jon Smirl wrote: > On 8/3/05, Eric Anholt <[EMAIL PROTECTED]> wrote: > > On Wed, 2005-08-03 at 14:39 -0400, Jon Smirl wrote: > > > > ioctls where removing the root check introduces privelege escalation for > > > > users with read access to the DRM device (at least): > > > > - DRM_R128_INDIRECT > > > > - DRM_RADEON_INDIRECT > > > > > > How do we secure these? > > > > By requiring root. But I didn't review all the ioctls, so these might > > not be all of the root-requiring ioctls that continue to need it. > > I thought we built a command verifier to check things like this.
These ioctls are designed for privileged clients like the current DDX drivers and thus unchecked. -- Earthling Michel Dänzer | Debian (powerpc), X and DRI developer Libre software enthusiast | http://svcs.affero.net/rm.php?r=daenzer ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf -- _______________________________________________ Dri-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dri-devel
