SELinux detects problem with proprietary binary fglrx driver; however, AMD/ATI will not help
James Morris
jmorris at namei.org
Thu Sep 25 14:31:09 UTC 2008
On Thu, 25 Sep 2008, Eric Paris wrote:
> Stephen James, what do the two of you think about something like this?
> Maybe a WARN_ONCE() ?
>
There are several issues here:
- Does this actually solve the problem for the user? What happens when
the driver gets an -EPERM there?
- Should we be littering the kernel code with workarounds for bugs in
proprietary drivers?
- Should we be encouraging vendors to not support Linux users, especially
when other vendors are offering support (who we would then also be
discouraging).
- Francis asked for a much-secure or safer workaround to the issue.
Given that the driver is messing with kernel security, is also broken in
its use of a security API, and not maintained, I'm certainly not going to
recommend its continued use in this context.
- James
--
James Morris
<jmorris at namei.org>
More information about the fedora-selinux-list
mailing list