On Sunday 5 February 2017 6:10:51 AM IST sivmu wrote:
On 05.02.2017 at 05:16, Shridhar Daithankar wrote:
On Saturday 4 February 2017 7:28:31 AM IST sivmu wrote:
As long as the application has access to the xwayland instance, which is by default the case when xwayland is available, it can influence all other applications that still use the x-protocol.
Just to understand, if there are two applications using xwayland, under a wayland session, will they still be able to look at each other's resources?
If the answer is no, the security is equivalent to the wayland applications, since the xwayland instance is essentially a sandbox?
Not sure what you mean by resources.
devices and events, mostly.
This point is about the insecurity of the X Windows System architecture, which basically assumes that all applications are to be trusted. There is no built-in security, therefore failing modern threat models completely.
This explains it pretty well I guess: https://theinvisiblethings.blogspot.de/2011/04/linux-security-circus-on-gui-isolation.html
OK. It confirms my understanding that X clients can listen to each other's events and modify them. But in xwayland, things are a bit different. https://lists.freedesktop.org/archives/wayland-devel/2014-January/012777.htm... As the thread suggests, if there is a separate X server instance per xwayland application, they won't be able to snoop on each other.
Btw. to fully prevent keylogging on wayland, you need to do more, e.g. by sandboxing, since there are ways to work around the security of wayland where the default linux security model is weaker than that of the wayland architecture.
More info here: https://www.reddit.com/r/linux/comments/23mj49/wayland_is_not_immune_to_keyloggers/
Exactly. If I am running chromium with firejail, which whitelists what chromium can do to the file system (even better with --private), the browser cannot tamper with .profile/.bash_profile or .ssh.
--
Regards
Shridhar