[ On Tuesday, August 13, 2002 at 23:06:33 (+0200), Martin Husemann wrote: ]
> Subject: Re: Rehash: XFree86 Compiled on NetBSD/Sparc
>
> Well, I understand your point, and you are right in some way: as implemented
> now for i386/PCI cards this is a *huge* security problem.

Not to mention the other really ugly horrible things you have to do to
be able to probe PCI cards from user-land, etc., etc., etc.

> But on the other hand, there is no real alternative for the mass of PCI cards,
> which are DMA capable and thus any access to the acceleration features cause
> such a risk - unless you impose strong controll via a yet nonexistent (and
> unlikely to be developed anytime soon) new framebuffer kernel interface.

I thought there was some work going on in xfree86.org to invent a new
driver kernel interface that would be better able to support modern and
highly featureful graphics cards....

I know there's at least some sympathy on Xfree86's side of the fence for
the security issues, and perhaps even the ugliness of the design; though
too some of them are apparently happy with at least PCI and AGP for
bus-level direct access to probe for, and control, graphics cards....

-- 
								Greg A. Woods

+1 416 218-0098;            <g.a.woods@ieee.org>;           <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>