An extensive set of X.org vulnerabilities

Posted Dec 10, 2014 19:58 UTC (Wed) by HelloWorld (guest, #56129)
In reply to: An extensive set of X.org vulnerabilities by lsl
Parent article: An extensive set of X.org vulnerabilities

No, you're utterly wrong. Compartmentalizing things is the only way to ever get a reasonably secure system. And this has nothing at all to do with whether the programs are open source or not.

An extensive set of X.org vulnerabilities

Posted Dec 10, 2014 20:02 UTC (Wed) by dlang (guest, #313) [Link] (1 responses)

a secure system that doesn't do what the users need to do is worthless.

Users need to be able to use the same data files with multiple apps. Granting access where it's needed and wanted without granting access where it's not (or where it's dangerous) is not a solvable problem.

An extensive set of X.org vulnerabilities

Posted Dec 10, 2014 20:54 UTC (Wed) by sjj (guest, #2020) [Link]

You're both right, I think.

I think I'm getting to the point where Qubes is very very interesting. It gives you isolation and configurability, granted at the cost of some convenience and hardware (vt-d and enough memory).