On Sun, Feb 05, 2017 at 11:08:09AM +0530, Shridhar Daithankar wrote:
> ok. It confirms my understanding that X clients can listen to each other's
> events and modify them.
>
> But in xwayland, things are a bit different.
>
> https://lists.freedesktop.org/archives/wayland-devel/2014-January/012777.html
>
> As the thread suggests, if there is a separate X server instance per xwayland
> application, they won't be able to snoop on each other.

Yes, and you don't need wayland for that... If copy-paste between apps is not
required, xephyr should be sufficient. AFAUI, selinux sandbox does that
https://dwalsh.fedorapeople.org/SELinux/Presentations/sandbox.pdf .

> > Btw. to fully prevent keylogging on wayland, you need to do more, e.g. by
> > sandboxing, since there are ways to work around the security of wayland
> > where the default linux security model is weaker than that of the
> > wayland architecture.
> >
> > More info here:
> > https://www.reddit.com/r/linux/comments/23mj49/wayland_is_not_immune_to_keyloggers/
>
> Exactly. If I am running chromium with firejail, which whitelists what
> chromium can do to the file system (even better with --private); the browser
> cannot tamper with .profile/.bash_profile or .ssh.

See, this is the problem: Why would a browser need these files? File access
should only be possible with user interaction (via a file-open dialog).

Cheers,
--
Leonid Isaev