Graphics Driver Frameworks and Security
Xavier Bestel
xavier.bestel at free.fr
Tue May 16 03:49:45 PDT 2006
On Tue, 2006-05-16 at 12:45, Alan Cox wrote:
[...]
> Another way to think about this:
>
> Let us suppose that X has a security hole in some component. If that
> component is driver level then putting the hole into the kernel instead
> reduces security (as it is now even more privileged). If the hole is in
> a component that is not driver level then it is better fixed by making
> that part of the code unprivileged.
Technically true, but practically it seems to me linux has more manpower
to fix holes than X. That counts.
Xav
More information about the xorg
mailing list