legacy X server isolation
pixelfairy at gmail.com
Thu Aug 11 10:29:57 UTC 2016
So what your saying is theres nothing stopping anyone from doing it this
way, just that no one did?
On Thu, Aug 11, 2016 at 1:39 AM pixelfairy <pixelfairy at gmail.com> wrote:
> Pekka said
> > The issue I have seen mentioned is that there are X apps built to *need*
> the single shared X server model.
> What apps would those be? Are you talking about ones whos functionality
> would now be the domain of the compositor? At least in my own limited use,
> i can tell you many apps dont need this. for a few months ive been using
> x11 apps (firefox,chrome, gimp, libreoffice, some others) in separate xpra
> sessions with firejail. occasionally ill have to do something like take a
> screenshot outside of the firejails to get the whole desktop, then put it
> in what my gimp instance thinks is the home folder (another option of
> firejail). but, this is the behavior i want between apps. some apps, like
> the gimp and libreoffice dont have network access (in firejail,
> protocol=unix) and they still run fine.
> > Somehow you would need to know
> whether a new X11 connection should be isolated or sharing some
> existing X server instance.
> true. my first thought was new app == new x11, but there are iffy cases.
> as you said, something already running with an x server, would probably
> reuse it. launched in wayland without an existing x server should spawn a
> new one. some apps could use wrappers. like a web browser running a pdf
> On Thu, Aug 11, 2016 at 12:57 AM Pekka Paalanen <ppaalanen at gmail.com>
>> On Thu, 11 Aug 2016 07:38:15 +0000
>> pixelfairy <pixelfairy at gmail.com> wrote:
>> > ive only looked at some docs and demos of wayland and tried it on a
>> > with fedora 24 briefly. in a wayland session, xinput could read the
>> > keyboard of other x11 apps.
>> > Since wayland can have a fallback x server, why not start each x11 app
>> > its own x server so they'll have automatic isolation, even from each
>> > (other x11 apps) waylands own mechanisms (clipboard etc) could then be
>> > translated, so, for example, keepassx, which would not be able to
>> > in a setup like this, could safely (i hope) use the clipboard to enter
>> > passwords without other x11 apps reading them.
>> > some mechanism would have to be used to really protect each x servers
>> > socket, but this is already solved in os x by sandboxing and a million
>> > different ways in linux.
>> The issue I have seen mentioned is that there are X apps built to *need*
>> the single shared X server model. Somehow you would need to know
>> whether a new X11 connection should be isolated or sharing some
>> existing X server instance.
>> If you are thinking about a simple approach like clicking an app
>> launcher icon being the trigger for a new X server instance to be
>> started and then everything in that process hierarchy sharing that X
>> server instance, I suppose that would be better than the
>> one-shared-by-all, but it does not help if the app launches other apps
>> like a web browser that should be isolated from the parent.
>> The answer to the "why not" is that no-one has wanted it badly enough
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the wayland-devel