On 09/04/12 02:25, Bruce Dubbs wrote:
> Wayne Blaszczyk wrote:
>> On 08/04/12 11:19, Bruce Dubbs wrote:
>>> Ken Moffat wrote:
>
>>>> OK, so it's udev rather than Mesa that determines the group name.
>>>> But, in all current LFS builds we *don't* have such a rule. To me,
>>>> it seems more reliable to add users to the video group. After all,
>>>> we've defined that group for a long time.
>
>>> That's true. I suspect either way will work. The problem with the
>>> group is that each user has to be added to that group while the udev
>>> rule makes hw acceleration available for all users at one time. Of
>>> course in most cases there is only one user. :)
>
>> I personally don't like the idea of giving access to everyone which
>> would include the user nobody and other 'guest' type users.
>
> I do understand that some will be more comfortable with the tighter
> permissions just on principle, but I'm trying to understand why rw
> access to /dev/dri/card0 for a 'guest' user would be a problem.
>
> -- Bruce
I'm not an expert hacker, so I would know how, but I could just imaging
there being an exploit of sending the right combination of bytes to say
hang the video driver.
Just me being paranoid.
Wayne.
--
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
