On Llu, 2004-10-11 at 09:42, Thomas HellstrÃm wrote: > So what is your actual suggestion? > Export read-write as default or, as proposed, export read-write when > "AllowInsecureDRI" is enabled in the X server config?
AllowInsecureDRI is less secure than forcing users to run things as root or fix the code. And we want that code in kernel and causing pain in order to make people fix it 8) If I setuid an app then it depends if that one app is trojanned. If I have AllowInsecureDRI then any trojanned or hostile app gets you. What I think you do want to avoid would be something like "DRI is faster as root", which sends all the wrong signals. Alan ------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl -- _______________________________________________ Dri-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/dri-devel
