[Wayland-bugs] [Bug 84817] Allow another local user to run programs on a WAYLAND_DISPLAY
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Mon Jan 8 11:17:49 UTC 2018
https://bugs.freedesktop.org/show_bug.cgi?id=84817
--- Comment #11 from Daniel Stone <daniel at fooishbar.org> ---
(In reply to Paranoik from comment #10)
> What is the problem to let everyone access the desktop by default? Why is it
> blocked? What is this wayland sudo talk is all about? The modern desktop
> compositor should have been developed with MAC concept in mind. Apps must be
> isolated and it shouldn't be a security hole to grant programs run under
> different restricted user accounts to access desktop and interact with the
> user.
As you say, building in MAC would make the protocol completely different and
require everyone to be aware. It would need either SELinux-style explicit
labeling, or constant prompts. Instead we chose to make the socket a security
boundary, which is still a valid choice.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/wayland-bugs/attachments/20180108/25407c1b/attachment.html>
More information about the wayland-bugs
mailing list