|
|
Log in / Subscribe / Register

XDC2012: Graphics stack security

XDC2012: Graphics stack security

Posted Sep 26, 2012 19:06 UTC (Wed) by dlang (guest, #313)
In reply to: XDC2012: Graphics stack security by dlang
Parent article: XDC2012: Graphics stack security

In addition, as long as you allow more than one app to have windows open at a time, there is some potential for an app to pop up a window that looks like another app (or a system password prompt)

Server-side window decorations have the potential to label each window as to what app it is part of (users may still ignore the data, but at least it can't be faked by the app)

but if you either allow the client to tell the server what to label a window, or do client-side decorations where the client is in full control, it's impossible for the user to be able to trust any window completely.

to post comments

XDC2012: Graphics stack security

Posted Sep 26, 2012 23:59 UTC (Wed) by mupuf (subscriber, #86890) [Link]

Completely fair point! There is no association between the binary file and its window(s) and it can be misleading to the user in some cases.

As you said, this is fixable with server-side decoration rendering but it isn't when the client renders everything. I guess we could actually display the name of the binary in the compositor when hovering the mouse on top of the application bar but that's not obvious to most users.

XDC2012: Graphics stack security

Posted Oct 1, 2012 4:38 UTC (Mon) by raven667 (subscriber, #5198) [Link] (1 responses)

> Server-side window decorations have the potential to label each window as to what app it is part of (users may still ignore the data, but at least it can't be faked by the app)

IIUC applications can set their window title or argv[0] to anything they want and I don't think that's a feature that would likely be dropped making the point moot.

XDC2012: Graphics stack security

Posted Oct 1, 2012 8:51 UTC (Mon) by renox (guest, #23785) [Link]

> IIUC applications can set their window title or argv[0] to anything they want and I don't think that's a feature that would likely be dropped making the point moot.

And in a secure environement with server side decoration, this application's provided tittle can either be ignored or be added in addition to a color or text which provide the server's view of the application.

That said, one could have virtual desktop/environment which would group application by security level even with client side decoration, of course for single applications this is annoying..


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds