[git pull] drm udl fixes
Daniel Vetter
daniel at ffwll.ch
Tue Sep 4 19:23:42 UTC 2018
On Tue, Sep 4, 2018 at 9:05 PM, Mikulas Patocka <mpatocka at redhat.com> wrote:
>
>
> On Tue, 4 Sep 2018, Daniel Vetter wrote:
>
>> With kms you need logind or someone like that who orchestrates the vt
>> switching and makes sure you can read/write other people's stuff.
>
> BTW. I'm just wondering how is this 'master mode' security working at all.
>
> The user start Xserver under the user's UID and the Xserver asks logind to
> set master mode on the DRM file descriptor.
>
> There are plenty of ways how the user can steal a file descriptor from the
> Xserver that is running under the same UID - for example:
> - setting LD_PRELOAD to inject a library into the Xserver
> - calling ptrace on the Xserver process
> - opening /proc/`pidof Xorg`/fd
>
> When one of the user's processes has a handle in 'master mode', any other
> user's process can steal it. So what does these 'master mode' restrictions
> really protect against?
Other users.
And there _are_ people sufficiently paranoid who disable ptrace and
all that stuff you brought up, e.g. through selinux policies.
-Daniel
--
Daniel Vetter
Software Engineer, Intel Corporation
+41 (0) 79 365 57 48 - http://blog.ffwll.ch
More information about the dri-devel
mailing list