[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freedesktop-xorg
Subject:    Re: SDTLOGIN interface
From:       "Xavier Toth" <txtoth () gmail ! com>
Date:       2008-05-30 16:28:45
Message-ID: cadfc0e40805300928x9aafebuf7f63fad3399f29e () mail ! gmail ! com
[Download RAW message or body]

On Fri, May 30, 2008 at 9:57 AM, Alan Coopersmith
<Alan.Coopersmith@sun.com> wrote:
> Matthieu Herrb wrote:
>> There's one drawback though: the main X server keeps the privilege of
>> accessing the hardware directly, and it has been demonstrated (for
>> instance by Loic Duflot at CanSecWest 2006) that this makes it possible
>> for the X server to get kernel-level privileges (which is more than root
>> privileges, at least in the BSD securelevels model).
>>
>> Hardware access definatly needs to be done in the kernel, with enough
>> checks to make sure that a malicious code injected in the X server (by
>> exploiting a bug) can't easily abuse the drm interface to control the
>> whole kernel.
>
> Right - that's the model we have in Solaris on SPARC, which always had
> in-kernel graphics drivers for all devices, and can run without ever
> having uid 0 privileges (we still run it setgid 0 so it can do things
> like power management & process priority boosting that the kernel
> restricts to gid 0).    Since gdm/xdm/dtlogin start the server as root,
> we still use our setting pipe to drop to the user's uid at login.
>
> --
>        -Alan Coopersmith-           alan.coopersmith@sun.com
>         Sun Microsystems, Inc. - X Window System Engineering
>
>

All I actually know about SDTLOGIN is the little blurb I read in the
GDM docs. So could I please get a little background like what exactly
it is/how it works? By chance is there a patch that includes it?
_______________________________________________
xorg mailing list
xorg@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/xorg
[prev in list] [next in list] [prev in thread] [next in thread]