Passive and active attacks via X11. Is Wayland any better?

Daniel Stone daniel at fooishbar.org
Thu Feb 16 13:47:24 PST 2012


Hi,

On 16 February 2012 18:36, frqb4td <frqb4td at onet.pl> wrote:
> One application can sniff or inject keystrokes to another one, can take
> snapshots of the screen occupied by windows belonging to another one, etc.

That's more or less irrelevant really.  If you give session access to
hostile apps, they could easily do things like repeatedly steal all
the clipboard contents (at best) or just pretend to be your web
browser or terminal and steal every single one of your credentials (at
worst).

So, don't do that.

> Can passive (snooping) attacks be avoided? The passive attack she describes
> certainly works on my system, though I note that one of the comments says
> gksudo input can't be snooped.

Indeed, neither can screensavers.  They can be avoided, and Wayland
doesn't allow for them.

> Can active attacks (injecting keystrokes) be avoided? I seem to recall that
> active attacks was turned of by default a long time ago. But a quick google
> suggests that the XTest extension nullifies that (How to map a
> key-combination to a keyboard-button?).

I believe Wayland won't be vulnerable to these either.

But seriously - if you can't trust an app, don't give it arbitrary
access to your desktop session.  It's not going to end well.

Cheers,
Daniel


More information about the wayland-devel mailing list