DRM Access Control

* What clients can access the DRM? *

Any client that can access the X server can access the DRM. This is not a security issue because a client can interfere with the display just as much with the X server as with the DRM.

* How does the client access the DRM? *

The client requests access to the X server. If this access is granted, the X server gives both the client and the DRM the same cookie. Next, the client opens the DRM device, passing the cookie to the DRM. The DRM compares the cookie it received from the client and the one it received from the X server. If they match, the DRM allows the client to access it in more useful ways.

* What prevents multiple clients of the DRM from interfering with one another? *

A well-behaved client would use the lock to regulate access. This ioctl-based lock blocks the client until the lock is released. However, this lock is cooperative, and a buggy or malicious client may ignore it.