Bugtraq mailing list archives
Re: The (in)security of Xorg and DRI
From: Pavel Kankovsky <peak () argo troja mff cuni cz>
Date: Wed, 27 Dec 2006 00:20:14 +0100 (CET)
On Thu, 14 Dec 2006, Darren Reed wrote:
In recent discussion, the topic of the Xorg server being a huge security vulnerability because of its DRI model has come up. The problem being that you have user space code communicating with chips in the system and being able to control DMA and what goes which way on the system bus...
Afaik, kernel DRM (*) drivers are supposed (**) not to provide direct control over unsafe features of the hardware (***). (*) Direct Rendering Manager. (**) The "strength of function" is, of course, a different question. (***) See <http://dri.sourceforge.net/doc/security_low_level.html> --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation."
Current thread:
- The (in)security of Xorg and DRI Darren Reed (Dec 14)
- Re: The (in)security of Xorg and DRI Nicolas RUFF (Dec 15)
- Re: The (in)security of Xorg and DRI Darren Reed (Dec 18)
- Re: The (in)security of Xorg and DRI Darren Reed (Dec 18)
- Re: The (in)security of Xorg and DRI Pavel Kankovsky (Dec 27)
- Re: The (in)security of Xorg and DRI Nicolas RUFF (Dec 15)