With the second bug OP laments that Wayland compositors are implemented in C, an unsafe language.
That’s not what they’re saying. They’re saying wlroots is full of race conditions, which will be very hard to fix because they’re part of a fundamental design problem.
That is a serious problem, but advocating X11 will not solve anything. Wayland is being improved every day, while X.org is in deep maintenance mode.
And let’s not pretend that X.org is perfect. Race conditions at least can be fixed, even if it takes a lot of time and effort. Worst case, someone will rewrite wlroots in Rust. But in X11 any application can kill other applications, install a key logger, pin itself to the foreground, etcetera. This is by design: it’s what makes window managers, xkill and xeyes work. It’s also a huge security flaw that can never be fixed.
That security argument is like advocating wearing a motorcycle helmet when walking down the street. It sounds like a great idea and super safe, but it’s also super impractical and the things it’s supposed to protect against are extremely unlikely.
But ok, more security isn’t a bad thing. But why not make it an option, like SELinux for example? That way users can choose a degree on a scale between security and convenience that suits their use case and circumstances. Why make it all or nothing?
It’s a valid concern IMO. Any application on X11 can install a key logger, record your screen, and influence other applications in a myriad of ways. With open source software from a trusted repository, this is not an issue, but an increasing number of people run random binary blobs from Steam, the Snap Store and Flathub. I am 100% certain that some less-conscientious publishers are already using X11 features to build ad profiles of their users; it’s a matter of time before the first ransomware will appear. The only sensible way to prevent this, is to confine applications to their own space.
But ok, more security isn’t a bad thing. But why not make it an option, like SELinux for example? That way users can choose a degree on a scale between security and convenience that suits their use case and circumstances. Why make it all or nothing?
Wayland simply doesn’t have protocols for most of this stuff. (Applications are supposed to use D-Bus and portals.) Developing new protocols that offer X11-like functionality is a large investment and will also need changes in the toolkits and apps to make it work.
That’s not what they’re saying. They’re saying wlroots is full of race conditions, which will be very hard to fix because they’re part of a fundamental design problem.
That is a serious problem, but advocating X11 will not solve anything. Wayland is being improved every day, while X.org is in deep maintenance mode.
And let’s not pretend that X.org is perfect. Race conditions at least can be fixed, even if it takes a lot of time and effort. Worst case, someone will rewrite wlroots in Rust. But in X11 any application can kill other applications, install a key logger, pin itself to the foreground, etcetera. This is by design: it’s what makes window managers,
xkillandxeyeswork. It’s also a huge security flaw that can never be fixed.That security argument is like advocating wearing a motorcycle helmet when walking down the street. It sounds like a great idea and super safe, but it’s also super impractical and the things it’s supposed to protect against are extremely unlikely.
But ok, more security isn’t a bad thing. But why not make it an option, like SELinux for example? That way users can choose a degree on a scale between security and convenience that suits their use case and circumstances. Why make it all or nothing?
It’s a valid concern IMO. Any application on X11 can install a key logger, record your screen, and influence other applications in a myriad of ways. With open source software from a trusted repository, this is not an issue, but an increasing number of people run random binary blobs from Steam, the Snap Store and Flathub. I am 100% certain that some less-conscientious publishers are already using X11 features to build ad profiles of their users; it’s a matter of time before the first ransomware will appear. The only sensible way to prevent this, is to confine applications to their own space.
Wayland simply doesn’t have protocols for most of this stuff. (Applications are supposed to use D-Bus and portals.) Developing new protocols that offer X11-like functionality is a large investment and will also need changes in the toolkits and apps to make it work.
Race conditions in wlroots is fixable, and not a reason to choose x11 over Wayland.
Out of curiosity, how much mail do you tend to store at your provider?
And if it’s a non trivial amount, what do you plan to do when they announce it?