[Openchrome-users] Regarding security issues in VIA drivers
Xavier Bachelot
xavier
Mon Jan 28 13:21:09 PST 2008
Karim Yaghmour wrote:
> I red the following ominous warning excerpt in the Wiki:
> In addition, the 3D driver leaves your system open for attack by malicious clients,
> and furthermore, applications that accelerate mpeg2 and mpeg4 must be run as root,
> which is a very bad idea if they contain vulnerabilities (and they do).
>
> Now, based on what I've seen of said drivers, I'm inclined to believe
> this. That said, though, I'm wondering if there's any place I could
> find any more info about this. Mainly, I'm wondering if using said
> drivers for 2D only "avoids" the security problems and/or if there's a
> way to disable the 3D stuff to the drivers _palatable_.
>
afaiu, only their closed source hw mpeg library needs root privileges to
run. 3D driver is/should be safe. But I'm not an expert when it comes to
VIA *cough* driver *cought*...
Regards,
Xavier
More information about the Openchrome-users
mailing list