On Monday 24 September 2012 12:45:22 Shaun Reich wrote: > Could you please elaborate on what you mean by security issues? X11 is extremely insecure, e.g. * each window can eavesdrop the input to other windows * each window can get the pixmap of other windows * each window can get the position and stacking position of other windows
This can easily be used to attack the systems security. E.g. at XDC last week a possible attack was described by rendering a window on top of the Firefox location bar and by that faking that you are really on your bank account. Many of these issues are gone with the switch to wayland, but KWin and Plasma add backdoors again. E.g. KWin provides a D-Bus interface to generate screenshots of any window. There are many more such issues and we have to be very careful to not break the security here. This is actually quite a change given that X11 has been so insecure that whatever we did, it could not create harm. Now we have to consider this (I'm rather glad that I had a rather good security education). Cheers Martin
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Plasma-devel mailing list Plasma-devel@kde.org https://mail.kde.org/mailman/listinfo/plasma-devel
