Am 05.02.2017 um 06:38 schrieb Shridhar Daithankar: >> this point is about the insecurity of the X Windows System architecture, >> which basically assumes that all applications are to be trusted. There >> is no build in security, therefore failing modern threat models completly. >> >> This explains it pretty well I guess: >> https://theinvisiblethings.blogspot.de/2011/04/linux-security-circus-on-gui-> isolation.html > > ok. It confirms my understanding that X clients can listen to each other's > events and modify them. > > But in xwayland, things are bit different. > > https://lists.freedesktop.org/archives/wayland-devel/2014-January/012777.html > > As the thread suggests, if there is a separate X server instance per xwayland > application, they won't be able to snoop on each other. > Sounds like what some sandboxing tools try to do with xpra and other additional x instances. However the default on wayland/xwayland is as described. You can easily try weston. Just install and enter 'weston' and you will get a weston instance where you can try this out with xinput >> Btw. to fully prevent keyloggin on wayland, you need to do more, e.g. by >> sandboxing, since there are ways to work around the security of wayland >> where the default linux security model is weaker then that of the >> wayland architecture. >> >> More info here: >> https://www.reddit.com/r/linux/comments/23mj49/wayland_is_not_immune_to_keyl >> oggers/ > > Exactly. If I am running chromium with firejail, which whitelists what > chromium can do to the file system(even better with --private); the browser > cannot tamper with .profile/.bash_profile or .ssh. > Not so sure using firejail will not actually decrease security in light of the recent wave of local root exploits...
Attachment:
signature.asc
Description: OpenPGP digital signature
