v3 unusable for me
v3 unusable for me
Posted Jan 6, 2025 17:21 UTC (Mon) by paulj (subscriber, #341)In reply to: v3 unusable for me by daenzer
Parent article: GIMP 3.0 — a milestone for open-source image editing
Maybe I have the terminology wrong, but by "between different XWayland servers" I meant between different rootless XWayland servers. Given that XWayland is the decades old X11 code-base, and likely not that great security wise PLUS the fact that X11 has effectively no security betweeen clients (keyboard snooping particularly) what I would _like_ to have for the bold new Wayland future is the ability to have the following, for backward compatibility of X11:
- Run m:n Xwayland servers for X clients
-- including 1:1 (a dedicated XWayland server for each client)
I.e., given the security issues of X11, I'd like to be able to have clients isolated to their own Xserver, or otherwise have "groups" of applications of equivalent security sensitivity share the same XWayland rootless server. And then:
- Have some kind of bridging agent that forwards events (clipboard, mouse, etc.) between these rootless servers, as required/desired.
I should be able to disallow the forwarding of certain kinds of security-sensitive events from certain XWayland servers, e.g. getting the clipboard contents, or capturing the keyboard, or other client data capture.
Maybe this isn't a practical security model, I don't know. If it's not, I still want that seamless Wayland <-> rootless XWayland bridging agent though! :)
Posted Jan 6, 2025 17:35 UTC (Mon)
by daenzer (subscriber, #7050)
[Link]
> I still want that seamless Wayland <-> rootless XWayland bridging agent though! :)
If a Wayland compositor launches multiple rootless Xwayland instances, it's the responsibility of the compositor to propagate stuff between them as needed. With a single instance, compositors should already be doing what can be done.
v3 unusable for me