On Tue, 4 Sep 2018, Daniel Vetter wrote: > With kms you need logind or someone like that who orchestrates the vt > switching and makes sure you can read/write other people's stuff. BTW. I'm just wondering how is this 'master mode' security working at all. The user start Xserver under the user's UID and the Xserver asks logind to set master mode on the DRM file descriptor. There are plenty of ways how the user can steal a file descriptor from the Xserver that is running under the same UID - for example: - setting LD_PRELOAD to inject a library into the Xserver - calling ptrace on the Xserver process - opening /proc/`pidof Xorg`/fd When one of the user's processes has a handle in 'master mode', any other user's process can steal it. So what does these 'master mode' restrictions really protect against? Mikulas _______________________________________________ dri-devel mailing list dri-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/dri-devel
