Subject: Re: Integrate aperture driver?
To: Thor Lancelot Simon <tls@rek.tjls.com>
From: Andrew Brown <atatat@atatdot.net>
List: port-i386
Date: 06/13/2001 17:24:58
>> >The aperture driver's limiting the number of open()s to 1 does zero good
>> >whatsoever towards this end; you can just kill the X server that's got
>> >the aperture device open, do your dirty work, and go home.
>> 
>> yes, but i consider the x server a necessary evil.  for me.  on my
>> machines that are not servers.  sort of a smaller insect compared to
>> the idea of running with "options INSECURE" which is a large insect.
>> aim for the lesser of two weevils.
>
>I think you fail to understand.  The inability to write to arbitrary
>memory is essentially the keystone of the entire securelevel model.  The
>aperture driver makes it so that arbitrary memory can be written.  You
>might have to kill the X server first, but so what?  You can do so, and
>then write to arbitrary memory.  Once you can do that, you can just
>change the value of the "securelevel" global inside the kernel (trivial
>to do) and do anything you like.  In other words, you might as well run
>with "options INSECURE" as use the aperture driver, because there's no
>real difference at all.

no, i understand completely.  i just think that the use of the
aperture driver to support running the x server at securelevel 1 is
better than just running at securelevel -1.  it's like the file flags,
which are ultimately just another level of obfuscation.

i also won't install an x server and/or an aperture driver on
something that is not my personal machine for me only.

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."