Public bug reported:

Currently the DRM permission model is roughly “if you've got drm master
you can access any buffer and if you don't have drm master you can't
access any of master's buffers”. This is ok for the existing fast-user-
switching method of spawning a new X server and then VT switching, as
the old server drops master and the new server becomes the drm master.

Actually, the above is a lie: currently the DRM permission model is ‘if
you're authenticated you can access any buffer any client has shared’,
and X proxies drm auth for all clients. VT switching drops master, but
dropping master does not drop authentication, so this does not prevent
inactive users from snooping on shared buffers.

For the system compositor this is a bit worse, as the root window of the
user sessions will be shared buffers.

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: New

https://bugs.launchpad.net/bugs/1025525

Title:
  DRM buffer permission model is inadequate
