[MPlayer-dev-eng] [PATCH] adjusting nice level from config/command line

D Richard Felker III dalias at aerifal.cx
Mon May 27 19:39:27 CEST 2002


On Mon, May 27, 2002 at 12:05:32PM -0400, Brian J. Murrell wrote:
> > the documentation already points that making mplayer a suid executable
> > is insecure on DGA's example. well, why don't just remove DGA support?
> > isn't it improper and insecure?
> 
> I don't know the details of DGA and why giving root for it's access is
> insecure so I can't comment on this.

DGA is in fact totally insecure no matter how you use it. If you don't
drop root after opening DGA, then your program continues to have root
access to everything, and naturally that's bad. On the other hand, if
you DO drop root, the crappy buggy libdga library inadvertently leaves
a file descriptor to /dev/mem open (which it no longer needs -- it
just opened it to mmap the framebuffer, and should close it
afterwards!). So, all the user has to do is ptrace your program,
insert some code to modify the kernel through /dev/mem, and BAM, root!

I suppose you could have your program look through its file
descriptors before and after opening DGA, and close the extra one left
open, then drop root. But DGA is still dumb and buggy.

OK, end of DGA rant.

Rich





More information about the MPlayer-dev-eng mailing list