Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for May 23, 2013
An "enum" for Python 3
An unexpected perf feature
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
ask your own distro why they don't do this yet I suppose...
An ancient kernel hole is closed
Posted Aug 18, 2010 23:32 UTC (Wed) by cesarb (subscriber, #6266)
I wonder which restrictions xserver_t has on selinux. If it is restricted enough, it is possible that, even if you can inject code on Xorg running as root, you cannot do much without having to first do DMA tricks to break out of it.
It might be an interesting exercise to make Xorg drop even more permissions (by changing for instance to a xserver_kms_t which cannot touch the hardware) when kernel modesetting is enabled (while keeping the ability to run without kernel modesetting by simply not dropping the extra permissions).
Posted Aug 19, 2010 0:12 UTC (Thu) by HelloWorld (guest, #56129)
Posted Aug 19, 2010 8:45 UTC (Thu) by epa (subscriber, #39769)
Posted Aug 19, 2010 22:26 UTC (Thu) by nix (subscriber, #2304)
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds