Date: Mon, 6 Jul 1998 17:11:22 -0500 (CDT) From: Joel Ray Holveck <joelh@gnu.org> To: jkh@time.cdrom.com Cc: smoergrd@oslo.geco-prakla.slb.com, tarkhil@asteroid.svib.ru, current@FreeBSD.ORG Subject: Re: xf86OpenConsole: KDENABIO failed (Operation not permitted) Message-ID: <199807062211.RAA09001@detlev.UUCP> In-Reply-To: <26015.899757973@time.cdrom.com> (jkh@time.cdrom.com) References: <26015.899757973@time.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>> Most things that are disallowed under securelevel 1 are things that >> aren't frequently done except during rc, a system install, or an >> attack. But running X is a normal operation. I'd classify it as a >> bug myself. > Actually, running X is not a "normal" operation at all - it performs > inb/outb instructions and does various privileged bits of syscons > frobbing that could be potentially quite hazardous in the hands of the > deliberately malicious. Running an X server should be a conscious > compromise of certain types of security. While I will agree that it does not run in a normal manner, it is not an infrequent operation. I was about to continue that paragraph, when the question occurred: Are there no other userland programs (besides wine and doscmd) that do these ops? (Mind you, I'm not arguing that this should be fixed; we just don't have the people to fix every nit. I'm arguing that it's a Bad Thing.) Happy hacking, joelh -- Joel Ray Holveck - joelh@gnu.org - http://www.wp.com/piquan Fourth law of programming: Anything that can go wrong wi sendmail: segmentation violation - core dumped To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807062211.RAA09001>