Is Wayland a secure display server?
Lukasz Skrzeczacy
skrzeczacy at interia.pl
Sat Jun 16 10:59:00 PDT 2012
Hi,
I am not a professional Linux or English user, so keep that in mind. I recently heard of Wayland and I have some questions about security. Security is one of the reasons why I am using Linux. I know little about security (but I will be learning about system hardening in the future); I know only that today Linux is more secure than Windows, but in the future there will be more security threats. This makes me afraid about the security of Linux. I read some information about Mandatory Access Control, Access Control Lists and virtualization. I read about Qubes OS too. Joanna Rutkowska said that in the X Server there is no isolation between apps, so every application can sniff everything the user enters anywhere, even if it is in another application. Her opinion is that this is a big problem for security. Even Windows has a security feature so that a keylogger can't sniff a password entered into User Account Control, but in Ubuntu a keylogger could read passwords entered into gksu. I think that she knows what she is saying, because on the site www.invisiblethingslab.com there is her paper called Software Attacks against Intel VT-d technology and other advanced methods of attack; she proposed a feature in processors called “Supervisor Mode Execution Protection” and it is in the Ivy Bridge processors; and yesterday I read that Rafał Wojtczuk (who also worked on Qubes OS) discovered a bug in Intel's virtualization in processors.
Is there ACL in Wayland? If not, will it be hard for security specialists to implement it? Is there a focus on security in Wayland? Is Wayland a secure display server? Can I manage windows in Wayland and give them, for example, an untrusted status?
If you want to read about Qubes OS and GUI isolation:
http://theinvisiblethings.blogspot.com/2011/04/linux-security-circus-on-gui-isolation.html