From: Andreas Beck <becka@rz.uni-duesseldorf.de>
To: ggi-develop@eskimo.com
Date: Thu, 5 Aug 1999 21:52:33 +0200
Subject: Re: Matrox GGI accelerator

> > Note that, even in this case, you _may_ need to do some
> > access control (cf: the example I gave you for the 546x).
> > In case someone tries to use 'strange' accelerator
> > commands. [2]
> Is it possible to create 'trusted software'? I mean, knowing for sure
> that the accel driver you give your file handle to for mmapping accel
> space, is the GGI driver you wrote yourself?

Well. It is possible, but it would make the driver illegal in some
countries. Cryptographic protocols for that do exist.
But even that doesn't solve the issue of a usermode program letting
LibGGI "legally" get access and then bypass it and abuse it.

> And with knowing for sure I mean knowing 22898902490247890 % sure, not
> just 100 %....
> Hmm, just thinking... Open source isn't that cool at all here: Some user
> can hack the GGI libs and thus still crash the system. Damn.

This is a question of system administration IMHO.
IMHO it would be just a matter of doing a uid/gid check.
Root can crash the system anyway, so if the calling program is root, give it
additional rights. And root could delegate that right e.g. to a given gid,
to which the driver would then also grant access.

> Heh, I finally got the idea. But define mmap pages please. Are these 1)
> part of the framebuffer (video card's RAM) or 2) Kernel memory? 3)
> Something very logical my stupid mind forgets?

2).

CU, ANdy
--
= Andreas Beck | Email : <andreas.beck@ggi-project.org> =
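
The uid/gid check proposed in the message above, as an added example that is not code from this thread or from the GGI project: a user-space model of the decision a driver would make before letting a caller map accelerator space. The struct and function names, the use of the effective uid, and the `(gid_t)-1` "nothing delegated" sentinel are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <sys/types.h>

#define ACCEL_NO_GID ((gid_t)-1)   /* assumed sentinel: no group delegated yet */

/* Hypothetical caller credentials as the driver would see them at mmap time. */
struct accel_cred {
    uid_t euid;
    gid_t egid;
    const gid_t *groups;   /* supplementary groups */
    size_t ngroups;
};

/* Hypothetical per-device policy; initialise trusted_gid to ACCEL_NO_GID. */
struct accel_policy {
    gid_t trusted_gid;
};

/* True if gid is the caller's effective group or one of its supplementary groups. */
static bool cred_in_group(const struct accel_cred *c, gid_t gid)
{
    if (c->egid == gid)
        return true;
    for (size_t i = 0; i < c->ngroups; i++)
        if (c->groups[i] == gid)
            return true;
    return false;
}

/* Only root may delegate the right to a gid; returns 0 on success, -1 if refused. */
int accel_delegate(struct accel_policy *p, const struct accel_cred *c, gid_t gid)
{
    if (c->euid != 0 || gid == ACCEL_NO_GID)
        return -1;
    p->trusted_gid = gid;
    return 0;
}

/* Decide whether this caller may map the accelerator space. */
bool accel_may_map(const struct accel_policy *p, const struct accel_cred *c)
{
    if (c->euid == 0)
        return true;                    /* root can crash the system anyway */
    if (p->trusted_gid == ACCEL_NO_GID)
        return false;                   /* nothing delegated: deny by default */
    return cred_in_group(c, p->trusted_gid);
}
```

The check only decides who is granted the mapping; as the message notes, it does not constrain what a granted program then does with it.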