<html>
<head>
<base href="https://bugs.freedesktop.org/">
</head>
<body>
<p>
<div>
<b><a class="bz_bug_link
bz_status_RESOLVED bz_closed"
title="RESOLVED FIXED - Allow another local user to run programs on a WAYLAND_DISPLAY"
href="https://bugs.freedesktop.org/show_bug.cgi?id=84817#c12">Comment # 12</a>
on <a class="bz_bug_link
bz_status_RESOLVED bz_closed"
title="RESOLVED FIXED - Allow another local user to run programs on a WAYLAND_DISPLAY"
href="https://bugs.freedesktop.org/show_bug.cgi?id=84817">bug 84817</a>
from <span class="vcard"><a class="email" href="mailto:t4155553@mvrht.net" title="Paranoik <t4155553@mvrht.net>"> <span class="fn">Paranoik</span></a>
</span></b>
<pre>(In reply to Daniel Stone from <a href="show_bug.cgi?id=84817#c11">comment #11</a>)
<span class="quote">> As you say, building in MAC would make the protocol completely different and
> require everyone to be aware. It would need either SELinux-style explicit
> labeling, or constant prompts. Instead we chose to make the socket a
> security boundary, which is still a valid choice.</span >
What prompts? We have a working example, an android. It can run windowed and on
the monitor (see samsung dex) and it works just fine. The only thing needed to
rethink were: keyboard and mouse events should only be passed to active window,
clipboard content should only be seen to a program after user decides to paste
its content into the window and of course user level applications shouldn't be
able to capture the screen or other application windows client area and create
mouse and keyboard events themselves. After that every program running from any
user profile can be allowed to access the desktop because no program would be
able to steal info from the other program through the desktop or manipulate the
other program through its graphical interface. This can absolutely be
implemented during the development of a new API. We were told that wayland is a
new modern desktop environment made by xorg developers who learned on previous
errors. But what we actually see is the same level of security we had before
but now programs are banned from appearing on the desktop. No programs no
problems. Heh. Its like a joke about a doctor who cured disease by cutting a
patient head off. This could be somehow achieved on a previous xorg interface
there is no need in new API to ban programs, this is not a new level of
security we needed.</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the assignee for the bug.</li>
</ul>
</body>
</html>