On Sun, Feb 05, 2017 at 11:08:09AM +0530, Shridhar Daithankar wrote:
ok. It confirms my understanding that X clients can listen to each other's events and modify them.
But in xwayland, things are bit different.
As the thread suggests, if there is a separate X server instance per xwayland application, they won't be able to snoop on each other.
Yes, and you don't need wayland for that... If copy-paste between apps is not required, xephyr should be sufficient. AFAUI, selinux sandbox does that https://dwalsh.fedorapeople.org/SELinux/Presentations/sandbox.pdf .
Btw. to fully prevent keyloggin on wayland, you need to do more, e.g. by sandboxing, since there are ways to work around the security of wayland where the default linux security model is weaker then that of the wayland architecture.
More info here: https://www.reddit.com/r/linux/comments/23mj49/wayland_is_not_immune_to_keyl oggers/
Exactly. If I am running chromium with firejail, which whitelists what chromium can do to the file system(even better with --private); the browser cannot tamper with .profile/.bash_profile or .ssh.
See, this is the problem: Why would a browser need these files? File access should only be possible with user interaction (via a file-open dialog).