[Openchrome-users] Regarding security issues in VIA drivers
Karim Yaghmour
karim.yaghmour
Mon Jan 28 13:36:51 PST 2008
Xavier Bachelot wrote:
>> afaiu, only their closed source hw mpeg library needs root privileges
>> to run. 3D driver is/should be safe.
> hmm, no, I remember now, it's not, via drm lacks command validation and
> thus is actually vulnerable to malicious client.
Ah. That makes sense. Thanks. I guess that means I'll just turn off DRM
and not use VIA's hw mpeg library. As I said in my other email, it's
not like I love to do this, but I do need to be able to use my OQO on
a DVI 1280x1024 and I can't do this for now with openchrome. I'll
definitely go with openchrome once I can do that.
N.B.: In other circumstances I would have implemented it myself, but
my schedule is such these days that that's not feasible. I wish it
were otherwise.
Karim
More information about the Openchrome-users
mailing list