Date: Tue, 7 Jul 1998 11:56:21 +0000 From: Niall Smart <rotel@indigo.ie> To: "Jordan K. Hubbard" <jkh@time.cdrom.com>, joelh@gnu.org Cc: smoergrd@oslo.geco-prakla.slb.com, tarkhil@asteroid.svib.ru, current@FreeBSD.ORG Subject: Re: xf86OpenConsole: KDENABIO failed (Operation not permitted) Message-ID: <199807071056.LAA00722@indigo.ie> In-Reply-To: "Jordan K. Hubbard" <jkh@time.cdrom.com> "Re: xf86OpenConsole: KDENABIO failed (Operation not permitted)" (Jul 6, 10:17pm)
next in thread | previous in thread | raw e-mail | index | archive | help
On Jul 6, 10:17pm, "Jordan K. Hubbard" wrote: } Subject: Re: xf86OpenConsole: KDENABIO failed (Operation not permitted) > > While I will agree that it does not run in a normal manner, it is not > > an infrequent operation. > > Erm, fine. So come up with an access method for X that doesn't > require this kind of security bypassing and I'm sure that everyone > will be quite pleased with you. :-) It's not unreasonable to let X do its thing, on any secure system all of X will be gid consoleusers mode 750 anyway. Afaik you can let it do what it needs to do using iopl or a i/o port privilege map, the trick is authenticating X, perhaps a sysctl which is only settable in secure level < 0 which specifies which binaries get iopl permissions when running as root would do the trick, then again, perhaps someone has a better idea. Niall -- Niall Smart. PGP: finger njs3@motmot.doc.ic.ac.uk FreeBSD: Turning PC's into Workstations: www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807071056.LAA00722>