On Friday 28 January 2005 20:20, Timothy Miller wrote:
The X server is, by definition, a priveleged process. You should be able to trust it to behave correctly and protect the hardware from errant X clients.
IMHO, this is not the real security issue.
The real one reads: you should be able to *not* trust the X server for everything and use the hardware to protect the computer from the X server. Of course, this is not possible wrt to the X display (it _is_ managed by the X server so...). But is should be wrt to, e.g., the memory, the PCI bus, the interruptions, the monitor protection, or even the _console_ text display...
Once upon a time, it was rumored that some boards could be used to solder your motherboard... (Of course this was not true.) But what do you think: it was a good hacker or a bad hardware or... both?
Rodolphe, security office for a living... ;-)
Just keep in mind that we're on a tight transistor budget. Some things will have to be sacrificed for the sake of being able to have a product. It would be nice to have lots of security features that not everyone else has, but we're going to have enough of a challenge just trying to be "as good".
Security is an issue on my mind, as evidenced by some of my recent posts, but just don't expect from us what you usually get from the high-end CAD vendors.
_______________________________________________
Open-graphics mailing list
[email protected]
http://lists.duskglow.com/mailman/listinfo/open-graphics
List service provided by Duskglow Consulting, LLC (www.duskglow.com)
