Proxying Wayland for security
Simon Ser
contact at emersion.fr
Wed Jul 28 13:37:55 UTC 2021
On Wednesday, July 28th, 2021 at 13:06, Alyssa Ross <hi at alyssa.is> wrote:
> That's true for screenshots, but it's not true for clipboard contents,
> right? As I understand it, any application can paste, with the only
> restriction being that it has to be in the foreground at the time, and
> wl-clipboard[1] seems to demonstrate that it's possible to fulfill that
> requirement without being visible to the user at all.
wl-clipboard can do so because nowadays' compositors will give focus to
new toplevels. That said:
- Some compositors (e.g. Sway) can be configured to not give focus to
new toplevels. Comes with a usability trade-off, so it's not the
default.
- In the future, compositors should be able to require a valid
xdg-activation token before giving focus to a new toplevel. If most
Wayland clients adopt xdg-activation, this could be made the default
without too much of a usability concern.
Note, it's difficult to detect whether a buffer is completely or mostly
transparent.
More information about the wayland-devel
mailing list