Graphics Driver Frameworks and Security

Xavier Bestel xavier.bestel at free.fr
Tue May 16 03:49:45 PDT 2006


On Tue, 2006-05-16 at 12:45, Alan Cox wrote:
[...]
> Another way to think about this:
> 
> Let us suppose that X has a security hole in some component. If that
> component is driver level then putting the hole into the kernel instead
> reduces security (as it is now even more privileged). If the hole is in
> a component that is not driver level then it is better fixed by making
> that part of the code unprivileged.

Technically true, but practically it seems to me linux has more manpower
to fix holes than X. That counts.

	Xav





More information about the xorg mailing list