[Wayland-bugs] [Bug 84817] Allow another local user to run programs on a WAYLAND_DISPLAY
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Sun Jan 7 23:17:42 UTC 2018
https://bugs.freedesktop.org/show_bug.cgi?id=84817
--- Comment #10 from Paranoik <t4155553 at mvrht.net> ---
(In reply to Daniel Stone from comment #8)
>
> It's much more flexible than that. Wayland doesn't do a user lookup at all,
> or rely on particular authentication files: it relies on filesystem
> permissions to restrict who can access the socket.
>
> You can grant access to the socket to whichever uid you like, or you can
> specifically bind-mount the uid into a particular container. So it is more
> granular, more flexible, but also more secure.
What is the problem to let everyone access the desktop by default? Why is it
blocked? What is this wayland sudo talk is all about? The modern desktop
compositor should have been developed with MAC concept in mind. Apps must be
isolated and it shouldn't be a security hole to grant programs run under
different restricted user accounts to access desktop and interact with the
user.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/wayland-bugs/attachments/20180107/ed0508e3/attachment.html>
More information about the wayland-bugs
mailing list