** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1025525
Title: DRM buffer permission model is inadequate Status in linux package in Ubuntu: Fix Released Bug description: Currently the DRM permission model is roughly “if you've got drm master you can access any buffer and if you don't have drm master you can't access any of master's buffers”. This is ok for the existing fast-user-switching method of spawning a new X server and then VT switching, as the old server drops master and the new server becomes the drm master. Actually, the above is a lie: currently the DRM permission model is ‘if you're authenticated you can access any buffer any client has shared’, and X proxies drm auth for all clients. VT switching drops master, but dropping master does not drop authentication, so this does not prevent inactive users from snooping on shared buffers. For the system compositor this is a bit worse, as the root window of the user sessions will be shared buffers. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1025525/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp