Is it hard to get an environment setup with wayland?
On 02/01/2020, 05:49, "Simon Lees" <sfl...@suse.de> wrote:
Hi,
On 1/2/20 7:06 AM, Jonathan Aquilina wrote:
> Evening All,
>
> I have a question is there anyone working on ethically hacking all
aspects of enlightenment. Reason I am asking is it might be a good idea to
ensure enlightenment does not pose any issues from a security aspect for end
users.
>
> Let me know your opinions on this as this is an area that really does
interest me for sure 😊
>
> Hope everyone had a great Christmas and wanting to wish everyone a very
happy and prosperous new year!
Under X11 there is little point in doing much, it was never designed
with security in mind so things like key logging and screen grabbing can
be done just using the native X11 API. If you think about what apps like
synergy and gimp's color picker can do using native API's with no
privileges you'll get a good idea. As such many things that would
generally be a security issue in other software don't get heaps of time
because you can probably do it using the API without an exploit anyway.
Having said that there are certainly areas worth looking at, especially
the binaries using suid bits to see if you can do any privilege
escalation. Wayland also sandboxes apps much better so its probably
worth looking there because anything you find would be worth while.
--
Simon Lees (Simotek) http://simotek.net
Emergency Update Team keybase.io/simotek
SUSE Linux Adelaide Australia, UTC+10:30
GPG Fingerprint: 5B87 DB9D 88DC F606 E489 CEC5 0922 C246 02F0 014B
_______________________________________________
enlightenment-devel mailing list
enlightenment-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
