> Message: 1
> Date: Sat, 16 Jun 2012 19:59:00 +0200
> From: Lukasz Skrzeczacy <[email protected]>
> To: [email protected]
> Subject: Is Wayland a secure display server?
> Message-ID: <arbnljmqwumlpmsygfxn@gyqd>
> Content-Type: text/plain; charset="UTF-8"
>
> Hi,
> I am not a professional Linux and English user so keep it in mind. I
> recently heard of Wayland and I have some questions about security.
> Security is one of the reasons why I am using Linux. I know little about
> security (but I will be learning about hardening the system in the future), I
> know only that today Linux is more secure than Windows but in the future
> there will be more security threats. This makes me afraid about security

Hello,

The Unix-compatible operating system provides basic security by user isolation. The programs running under one user can't possibly attack programs running under another user.

> of Linux. I read some information about Mandatory Access Control and
> Access Control List and Virtualization. I read about Qubes OS too. Joanna
> Rutkowska said that in X Server there is not any isolation between apps
> so every application can sniff everything the user enters anywhere, even if it
> is another application. Her opinion is that this is a big problem for

Yes, the isolation between applications is a major issue of the traditional X11 model. It is well known that any application connected to the X11 server can listen on arbitrary events.

Under the Wayland model, the application receives mouse and keyboard events only when it has focus. The application can't steal events from another application. So this is a much improved design.

> security. Even Windows has a security feature that a keylogger can't sniff
> a password entered into User Account Control but in Ubuntu a keylogger could
> read passwords entered into gksu. I think that she
> knows what she is saying because on the site www.invisiblethingslab.com
> there is her paper called Software Attacks against Intel VT-d
> technology and other advanced methods of attack, she proposed a feature in
> processors called "Supervisor Mode Execution Protection" and it is in
> the Ivy Bridge processors and yesterday I read that Rafał
> Wojtczuk (also worked on Qubes OS) discovered a bug in Intel's
> Virtualization in processors.
> Is there ACL in Wayland? If not, will it be hard to implement it by

I do not agree that an access control list is the ultimate solution

> security specialists? Is there a focus on security in Wayland?

Yes, it is intended to be secure but security is much more complex. Most of the security will depend on the Linux kernel and other mechanisms and has not much to do with Wayland.

> Is Wayland a secure
> display server? Can I manage windows in Wayland and give them for example
> untrusted status?

There are methods for running applications in a sandboxed environment, chroot etc... But this has nothing to do with Wayland of course.

Why would you run an application that you do not trust? Of course, when you run a harmful application, it can delete all your user data but the operating system won't be damaged (due to user permissions). And the Wayland based desktop compositor won't be damaged either and will continue to run (unless the code exploits a bug which can be fixed). Any other user on the system won't be affected by this.

>
> If you want to read about Qubes OS and GUI isolation:
>
> http://theinvisiblethings.blogspot.com/2011/04/linux-security-circus-on-gui-isolation.html
>

I do not think that virtualisation is the ultimate solution to this issue.

_______________________________________________
wayland-devel mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/wayland-devel
