Date: Mon, 1 Dec 1997 17:13:45 -0800 From: Jin Guojun (ITG staff) <jin@george.lbl.gov> To: bugs@FreeBSD.ORG, joerg_wunsch@uriah.heep.sax.de Subject: Re: kern.securelevel auto from 0 to 1 ?bug/feature? Message-ID: <199712020113.RAA15933@george.lbl.gov>
next in thread | raw e-mail | index | archive | help
}> The secure level should do nothing }> with Xserver AT ALL. } }It _should not_, but go and read my mail again. The fact that it }actually _does_ is an artifact of the current design how the Xserver }works. Frankly, it's extending an interface that's normally in the }kernel's domain (direct hardware access) out into userland. This }requires full access to the hardware from the Xserver process, which }violates the normal security layering of unix. } }In `secure' mode, this violation will be prevented, since there's a }huge potential to abuse it in other ways. Since, as you point out, }secure mode is mainly intended for network server machines, the }ability to still run an Xserver without any limitation is probably not }the prime criterion for those admins operating such a server, given }the security risk the low-level hardware access involves. } }Unless you're willing to donate several thousands of hours to redesign }and rewrite the entire X11 DDX layer for the x86 architecture, i don't }see how this will be change within the forseeable future. Does this mean that all machines running X have to run at insecure mode? -Jin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199712020113.RAA15933>