Posted Feb 12, 2013 7:54 UTC (Tue) by renox (subscriber, #23785)
Parent article: LCA: The X-men speak
I like the name!
More seriously: if the client allocates a buffer for the whole window including its decoration, isn't there a risk that the client also writes in the "decoration area"?
For example, a malicious client could want to change the window's tittle.
So if you want "security", the server needs to update the decoration area each time the client update its buffer because AFAIK the server cannot know whether the client touched the decoration area or not, so you cannot have the optimisation described in the article.
I'm well aware than you cannot have security with X currently but the same issue happens with server side decoration on top of Wayland (see http://blog.martin-graesslin.com/blog/2013/02/more-ration... especially ihavenoname's comment), with client-side decoration you don't have this security so there is no problem ;-)