Phoronix: NVIDIA Blob Has Security Hole, Again

Another security problem has crept up with NVIDIA's binary blob display driver for their GeForce and Quadro graphics cards. When the NVIDIA Linux display driver is installed with Gentoo Linux, poor file permissions are used with /dev/nvidia*, which could result in compromised software or even damage to your NVIDIA hardware.

http://www.phoronix.com/scan.php?page=news_item&px=NjAwMQ

i find it strange that i don't recall ever hearing about such issues with fglrx. weird, huh?

i find it strange that i don't recall ever hearing about such issues with fglrx. weird, huh?

Everyone's busy with complaining about all other errors, bugs and missing Support for newer cards. ;)

fglrx just does not create it's own devices. But I did not see any changes in newer nvidia drivers about the nvidia device permissions. Informer I even added a little udev hack in my script (for 1.0-7174) to create em, and the permissions have been always 666. So is that really a new info?

so it's just an distro specific issue?

No. That was just an example to show that the devices created always had these rights. Just that old driver had no udev support (that means no auto create of the needed devices on load). Informer just the installer created em - not udev. That has nothing to do with the distro used.