[Wayland-bugs] [Bug 84817] Allow another local user to run programs on a WAYLAND_DISPLAY

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Mon Jan 8 15:46:18 UTC 2018


https://bugs.freedesktop.org/show_bug.cgi?id=84817

--- Comment #12 from Paranoik <t4155553 at mvrht.net> ---
(In reply to Daniel Stone from comment #11)
> As you say, building in MAC would make the protocol completely different and
> require everyone to be aware. It would need either SELinux-style explicit
> labeling, or constant prompts. Instead we chose to make the socket a
> security boundary, which is still a valid choice.

What prompts? We have a working example, an android. It can run windowed and on
the monitor (see samsung dex) and it works just fine. The only thing needed to
rethink were: keyboard and mouse events should only be passed to active window,
clipboard content should only be seen to a program after user decides to paste
its content into the window and of course user level applications shouldn't be
able to capture the screen or other application windows client area and create
mouse and keyboard events themselves. After that every program running from any
user profile can be allowed to access the desktop because no program would be
able to steal info from the other program through the desktop or manipulate the
other program through its graphical interface. This can absolutely be
implemented during the development of a new API. We were told that wayland is a
new modern desktop environment made by xorg developers who learned on previous
errors. But what we actually see is the same level of security we had before
but now programs are banned from appearing on the desktop. No programs no
problems. Heh. Its like a joke about a doctor who cured disease by cutting a
patient head off. This could be somehow achieved on a previous xorg interface
there is no need in new API to ban programs, this is not a new level of
security we needed.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/wayland-bugs/attachments/20180108/6f0f38cf/attachment.html>


More information about the wayland-bugs mailing list