On Mon, 2011-12-26 at 15:39 +0000, Kevin Chadwick wrote:
On Sat, 24 Dec 2011 00:20:17 +0100 Tom Gundersen wrote:
http://marc.info/?l=openbsd-misc&m=114233317926101
And equivelent on Linux
http://forums.grsecurity.net/viewtopic.php?f=3&t=47
You can use framebuffer mode or the nouveau driver instead of the nvidia binary and still run X with RAWIO access disabled but with limited acceleration.
Right, now I got it. You mean that there is a security hole on the machines where you don't use the open source (i.e. KMS) drivers. This is correct.
Thanks for the clarification.
Yeah and it may be more difficult to exploit on a system running KMS drivers but unless RAWIO is closed at kernel level (compilation (preferred), selinux, setcap, lcap) then the hole is still there as the default stance is obviously to allow all graphics cards to work.
If it were up to me I'd appreciate your input, but note, it's OT, the thread is closed and in the end the mailing list police will measure the S/N with the S/N list meter or simply count the mails and blame me for too much traffic. Btw. in a German Arch forum I read "Jawoll Herr Wachtmeister", this can't be translated, it's ironical regarding to narrow-mindedness. Unfortunately there seems to be many unwritten laws for Arch mailing lists and forums, counter the often quoted netiquette. So, please, open a new thread or write off-list. I e.g. answered off-list regarding to accusations that my knowledge about issues with PA is from 3d Party, since I could give endless much examples, I just gave one major example, AGAIN off-list, regarding to pro-audio cards that don't work without a fix. AGAIN if it were up to me I'd allow you to continue, but it's not my decision. It's unwanted regarding to S/N, resp. too much traffic, so I decided to close this thread. Merry Christmas, Ralf