Home page logo

bugtraq logo Bugtraq mailing list archives

Re: The (in)security of Xorg and DRI
From: Pavel Kankovsky <peak () argo troja mff cuni cz>
Date: Wed, 27 Dec 2006 00:20:14 +0100 (CET)

On Thu, 14 Dec 2006, Darren Reed wrote:

In recent discussion, the topic of the Xorg server being a huge
security vulnerability because of its DRI model has come up.

The problem being that you have user space code communicating
with chips in the system and being able to control DMA and what
goes which way on the system bus...

Afaik, kernel DRM (*) drivers are supposed (**) not to provide direct
control over unsafe features of the hardware (***).

(*) Direct Rendering Manager.
(**) The "strength of function" is, of course, a different question.
(***) See <http://dri.sourceforge.net/doc/security_low_level.html>

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]