On 5/21/07, Dave Airlie <[email protected]> wrote:
> 3) Eliminate the need for a root priv controlling process. Get rid of
> the potential for a security hole.
Stupid idea, we need something to control policy, this isn't going in
the kernel, it can be a lot smaller than X and auditable.. sticking
the DRI protocol in the kernel is just pointless..
Try to be more flexible with your thinking. It is ok to have a
transient, privileged command line app that does something like assign
an output to be under the control of a specific CRTC. I have no
problem with some of the IOCTLs requiring root priv.
What is not ok is to require a permanently running root priv process.
If the code is going to always be running make it as small as possible
and put it in the device driver.
--
Jon Smirl
[email protected]
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
