Contributed by jj on 2014-02-23 from the you-are-surrounded-drop-your-privs dept.

Keeping this special direct access to the hardware through the aperture driver was one of the major drawbacks of privelege separation in X, as pointed out by a paper by Loic Duflot at CANSECWEST 2006.

Note that the warning about CheckDevMem failing to open /dev/xf86 and /dev/mem can be safely ignored.

