[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /dev/fb* permissions, local DoS

On Mon, Dec 18, 2000 at 01:13:42AM +0100, Michel Dänzer wrote:
<snip>
> 
> Only all apps which need a framebuffer device to work...

Well, only the person on the console can run those apps anyway and thus should
be the only one with access to the devices.

> 
> 
> > Doesn't crash my i386 (riva tnt2, XF4) - but does put pretty colors over
> > the top 1/3 of the screen before cat exits with "write error: No space left
> > on device".
> 
> Yep, I think the crash is a bug in the framebuffer device, just like the other
> problem where even reading from /dev/fb* caused a crash with atyfb IIRC.
> 

It's still a problem without the crash since any local user can overwrite the
console screen with garbage.

Regards,

Chris


-- 
----------------------------------------------------------------------
       Knuth: premature optimization is the root of all evil.
----------------------------------------------------------------------
Reply with subject 'request key' for GPG public key.  KeyID 0xB4E24219
Reply to: