On Wed, 2005-08-03 at 17:10 -0400, Jon Smirl wrote:
> On 8/3/05, Michel Dänzer <[EMAIL PROTECTED]> wrote:
> > On Wed, 2005-08-03 at 16:18 -0400, Jon Smirl wrote:
> > > On 8/3/05, Michel Dänzer <[EMAIL PROTECTED]> wrote:
> > > > >
> > > > > They aren't used in the mesa tree.
> > > >
> > > > So why did you change their requiring root?
> > >
> > > The version of Xegl I am making does not run as root. [...]
> > 
> > I know. You missed my question: Why do you change the behaviour of code
> > that doesn't affect what you're trying to achieve?
> 
> The original code did not separate the concept of auth and root, they
> were implemented as the same bit. I had to separate the concepts. I
> kept all of the code implementing auth unchanged.
> 
> There was a single check looking for root across all IOCTLs. I had to
> remove that check.  Now we have to identify the IOCTLs that
> really require root and add the check specifically to them. So far
> there are only two: addmap and indirect.
> 
> I could have made three bits:  auth_needed,  root_only,  master.  But
> that was a lot of deltas to implement a root_only bit which is only
> needed for indirect. Instead it is easier to just add a capability
> root check in the ioctl.

In your previous patch you removed the root check entirely, even though
that led to vulnerabilities.  I pointed out two cases, but I didn't
review all the ioctls.  Before a patch based on this goes in, I would
like a review of every previously root-requiring ioctl to explain why
it's okay to not require root on it now.

Alternatively, you could do what Michel suggested: make only the changes
that are required for your nonroot case, so that the security
implications are (relatively) obvious.

-- 
Eric Anholt                                     [EMAIL PROTECTED]
http://people.freebsd.org/~anholt/              [EMAIL PROTECTED]
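
The per-ioctl review requested above can be mechanized by diffing the permission table before and after a change. The following is an added example, not code from this thread or from the DRM tree: the bit names follow the thread's wording, while `ioctl_x`, `ioctl_y`, the table contents and both function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>
enum { AUTH_NEEDED = 1u, ROOT_ONLY = 2u };   /* bit names from the thread */
struct ioctl_desc { const char *name; unsigned flags; };
#define ARRAY_LEN(t) (sizeof(t) / sizeof((t)[0]))
/* Constructed tables: ioctl_x and ioctl_y are hypothetical placeholders. */
static const struct ioctl_desc before[] = {
    { "addmap",   AUTH_NEEDED | ROOT_ONLY },
    { "indirect", AUTH_NEEDED | ROOT_ONLY },
    { "ioctl_x",  AUTH_NEEDED | ROOT_ONLY },
    { "ioctl_y",  AUTH_NEEDED | ROOT_ONLY },
};
static const struct ioctl_desc after[] = {   /* ioctl_y is no longer listed */
    { "addmap",   AUTH_NEEDED | ROOT_ONLY },
    { "indirect", AUTH_NEEDED | ROOT_ONLY },
    { "ioctl_x",  AUTH_NEEDED },
};

/* Dispatch-time check with authentication and root kept as separate bits. */
int ioctl_permitted(const struct ioctl_desc *d, int is_root, int is_authed)
{
    if ((d->flags & ROOT_ONLY) && !is_root) return 0;
    if ((d->flags & AUTH_NEEDED) && !is_authed) return 0;
    return 1;
}

/* Report each ioctl that required root before and does not now (or is gone). */
size_t audit_root_drops(const struct ioctl_desc *old, size_t n_old,
        const struct ioctl_desc *cur, size_t n_cur, const char **out, size_t cap)
{
    size_t found = 0;
    for (size_t i = 0; i < n_old; i++) {
        unsigned now = 0;   /* stays 0 if the entry vanished from the table */
        if (!(old[i].flags & ROOT_ONLY)) continue;
        for (size_t j = 0; j < n_cur; j++)
            if (strcmp(old[i].name, cur[j].name) == 0) now = cur[j].flags;
        if (now & ROOT_ONLY) continue;
        if (found < cap) out[found] = old[i].name;
        found++;
    }
    return found;
}

int main(void)
{
    const char *names[8];
    size_t n = audit_root_drops(before, ARRAY_LEN(before), after, ARRAY_LEN(after), names, 8);
    for (size_t i = 0; i < n && i < 8; i++) printf("justify: %s\n", names[i]);
    return 0;
}
```

Each name it prints is an ioctl whose loss of the root requirement needs a written justification before the change is merged.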


_______________________________________________
Dri-devel mailing list
Dri-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dri-devel
