Request for comments on security of authentication/authorisation UIs

Dodier-Lazaro, Steve
Wed Mar 26 07:26:20 PDT 2014


In a previous discussion on this ML [0] and blog article [1], Martin Peres explained why Wayland should distinguish between normal and privileged clients and what the security requirements for Wayland are. After that, I spent some time thinking about how to handle the processes of authorisation (authorising clients to use privileged interfaces described by Martin) and authentication (how to provide a safe way for users to type passwords in graphical environments). I wrote another blog article [2] in which I speak about the infrastructure needed to implement spoofing-proof auth* user interfaces, and about usability/UX good practice. I'm interested in feedback from this ML.

My article is relevant to Wayland because it describes the kind of infrastructure that would be needed (section 5 in particular), and some of that infrastructure is under the scope of Wayland compositors. This includes obviously separating the I/O of various windows, identifying which process a window belongs to, providing an authorisation API that forces userland apps to ask compositors to access a number of resources, and it should in the long run include a set of UX guidelines describing what desktop environments should provide along with their compositor for the security interactions to be manageable by users.

I'm very keen on hearing from Wayland devs and GNOME/KDE/other compositor devs about these infrastructure needs. Do you agree with the analysis made in the article? Do you see technical challenges that were forgotten? Do you have members of your communities interested in experimenting with the introduction of capabilities/privileges in userland? If so, then please get in touch with me!
