Re: SUMMARY: GGI/X : the other way??

Alan Cox (alan@lxorguk.ukuu.org.uk)
Tue, 7 Apr 1998 10:16:19 +0100 (BST)

> > If revoke() can kill a mmap on a file, users can make servers crash.
> > It might be better to convert mappings to /dev/zero or /dev/null
> > so that servers won't get SIGSEGV or SIGBUS.
>
> Or alternatively, if you're not using a trusted server, but using a library
> like LibGGI with KGI, where the application is notified when the framebuffer
> is unmapped could be a solution. Because it's a library and not a shared

The whole issue is a red herring. To do a revoke() you must have the right
permissions. What normally happens in an environment with revoke() is that on
console login it goes through a list of files and chowns them to the new
console user and does a revoke on each _after_ the chown, ensuring the device
is (should be except for mmap in some cases) clean and can't be used by a third
party.

If I the end user want to revoke() on my own console and take X down thats if
anything a feature. If some GGI app runs off the in the background I can take
back my console ;)

Alan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu