Re: [RFC] enhancing the kernel's graphics subsystem

From: Jeff Garzik
Date: Tue May 22 2007 - 04:17:21 EST

Next message: John Sigler: "Re: Dumping the checksums in a module"
Previous message: Mikael Pettersson: "Re: [PATCH] sata_promise: Port enumeration order - SATA 150 TX4,"
In reply to: Dave Airlie: "Re: [RFC] enhancing the kernel's graphics subsystem"
Next in thread: Dave Airlie: "Re: [RFC] enhancing the kernel's graphics subsystem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dave Airlie wrote:

It is a quite sensible idea.

The userspace X server SHOULD be running under a non-root user, with
appropriate fine-grained privs granted to it.

"I need root to do graphics" is a myopic, antiquated view of the world.

Did I say the X server? There are policy decisions that are root only
also authorisation of processes to render etc..

Root only today, maybe, but this thread is talking about future directions. Don't lock your design into a coarse-grained security model.

I'm not sure we can punt all that in-kernel.

See my response to Alan.

Jeff

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: John Sigler: "Re: Dumping the checksums in a module"
Previous message: Mikael Pettersson: "Re: [PATCH] sata_promise: Port enumeration order - SATA 150 TX4,"
In reply to: Dave Airlie: "Re: [RFC] enhancing the kernel's graphics subsystem"
Next in thread: Dave Airlie: "Re: [RFC] enhancing the kernel's graphics subsystem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]