Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 10 Oct 1995 13:06:24 -0400
From:      "Garrett A. Wollman" <wollman@lcs.mit.edu>
To:        "Justin T. Gibbs" <gibbs@freefall.FreeBSD.org>
Cc:        Andrew Herdman <andrew@whine.com>, freebsd-questions@FreeBSD.org
Subject:   Re: A few questions 
Message-ID:  <9510101706.AA10186@halloran-eldar.lcs.mit.edu>
In-Reply-To: <199510101700.KAA04725@aslan.cdrom.com>
References:  <9510101535.AA10002@halloran-eldar.lcs.mit.edu> <199510101700.KAA04725@aslan.cdrom.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
<<On Tue, 10 Oct 1995 10:00:47 -0700, "Justin T. Gibbs" <gibbs@freefall.cdrom.com> said:

> It be nice if you could still run X while in secure mode 1 (or perhaps we
> should add an extra secure level so you could do this?) without having
> all of /dev/mem R/W.

The problem is that some devices out there need to have their
framebuffers reprogrammed into some arbitrary, large range of memory
(outside the I/O hole).  Allowing access to an arbitrary range of
memory is tantamount to allowing access to all memory, which is the
source of the problem.

The X server also creates problems by its need to do in/out
instructions.  /dev/io should not be openable in secure mode, either.

I have a number of times suggested that the right thing to do is to
add a special ``privileged'' flag to indicate to the system that a
binary should be allowed to do this.  (Obviously, it can only be
turned on by root in single-user mode.)

-GAWollman

--
Garrett A. Wollman   | Shashish is simple, it's discreet, it's brief. ... 
wollman@lcs.mit.edu  | Shashish is the bonding of hearts in spite of distance.
Opinions not those of| It is a bond more powerful than absence.  We like people
MIT, LCS, ANA, or NSA| who like Shashish.  - Claude McKenzie + Florent Vollant



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?9510101706.AA10186>