On Fri, Dec 23, 2011 at 8:35 PM, Kevin Chadwick <ma1l1ists@yahoo.co.uk> wrote:
On Fri, 23 Dec 2011 15:54:35 +0100 Tom Gundersen wrote:
[...] I have to disable 3d support on some machines, due to the gaping security hole that graphics cards require [...]
OT:
Would you care to elaborate on this? What security hole do you have in mind?
Cheers,
Tom
http://marc.info/?l=openbsd-misc&m=114233317926101
And equivelent on Linux
http://forums.grsecurity.net/viewtopic.php?f=3&t=47
You can use framebuffer mode or the nouveau driver instead of the nvidia binary and still run X with RAWIO access disabled but with limited acceleration.
Right, now I got it. You mean that there is a security hole on the machines where you don't use the open source (i.e. KMS) drivers. This is correct. Thanks for the clarification. -t