This is an
SMM related flaw, it isn't OpenBSD specific.. I read a paper recently documenting a use of the
xf86(4) aperture driver to do malicious things.
People must realize that they only used OpenBSD as an example, it's due to the way Xorg was designed.. as a user land program, it needs a way of accessing special areas of physical memory.
This isn't isn't a problem if machdep.allowaperture is 0, like on a server... or if machdep.allowaperture > 0 and Xorg is running, /dev/xf86 can only be opened once.
As I said, this is an x86 architectural problem.. OpenBSD developers have been concerned about SMM for a very long time.
Don't run untrusted binaries.. and don't do so as root.
