Subject: Re: Integrate aperture driver?
To: Andrew Brown <atatat@atatdot.net>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: port-i386
Date: 06/13/2001 16:45:08

On Wed, Jun 13, 2001 at 04:16:30PM -0400, Andrew Brown wrote:
> >> doesn't the aperture driver also limit the number of open()s to 1?
> >> with a machine at securelevel 1 and the aperture driver loaded and x
> >> running...how much do you lose?
> >
> >ps axw | awk '/X/ {print $1}' | xargs kill
> 
> sure, or
> 
> ps axw | awk '/X/{print"kill -9",$1}' | sh
> 
> but can i, as a regular user, kill my own x server?  what about one
> started by xdm?

Uh, Andrew?

Who *cares*?  The point of the securelevel model is to ensure that rogue
processes *running as root* can be prevented from doing lasting damage to
the system.  If you can write arbitrary memory, the whole thing falls
apart.

The aperture driver's limiting the number of open()s to 1 does zero good
whatsoever towards this end; you can just kill the X server that's got
the aperture device open, do your dirty work, and go home.

Thor