Hacker News

> I’m saying that because if you ever type in your password, e.g. into a screenlocker, into a terminal with sudo, or an apt-get GUI, every application can listen to those input events.

And any program can (on a relatively default box) trace arbitrary programs under your gid and scan memory for passwords. The real issue here is that there are very weak process boundaries within a gid (because it is historically most convenient), not necessarily a lot wrong with X11.



Every other boundary can be restricted relatively easily. For example, Flatpak already solves the issue you mention.

But the X11 boundary can’t be resolved unless you put a whole X server into every single application’s container with XonX, or you replace X11.

Which is part of why Wayland exists.


Can be restricted when appropriate. Removing the ability to share resources and calling Wayland complete is what people are laughing at.


Putting holes into a solid block is a lot easier than patching something that looks like Swiss cheese.

(Sorry for butchering up the quote)


Wayland’s security is not sufficient but necessary for a safe OS. (As others mentioned X-on-X can also be a sufficient solution for that)



