That is a serious problem, but advocating X11 will not solve anything. Wayland is being improved every day, while X.org is in deep maintenance mode.
And let’s not pretend that X.org is perfect. Race conditions at least can be fixed, even if it takes a lot of time and effort. Worst case, someone will rewrite wlroots in Rust. But in X11 any application can kill other applications, install a key logger, pin itself to the foreground, etcetera. This is by design: it’s what makes window managers, xkill and xeyes work. It’s also a huge security flaw that can never be fixed.
That security argument is like advocating wearing a motorcycle helmet when walking down the street. It sounds like a great idea and super safe, but it’s also super impractical and the things it’s supposed to protect against are extremely unlikely.
But ok, more security isn’t a bad thing. But why not make it an option, like SELinux for example? That way users can choose a degree on a scale between security and convenience that suits their use case and circumstances. Why make it all or nothing?
It’s a valid concern IMO. Any application on X11 can install a key logger, record your screen, and influence other applications in a myriad of ways. With open source software from a trusted repository, this is not an issue, but an increasing number of people run random binary blobs from Steam, the Snap Store and Flathub. I am 100% certain that some less-conscientious publishers are already using X11 features to build ad profiles of their users; it’s a matter of time before the first ransomware will appear. The only sensible way to prevent this, is to confine applications to their own space.
But ok, more security isn’t a bad thing. But why not make it an option, like SELinux for example? That way users can choose a degree on a scale between security and convenience that suits their use case and circumstances. Why make it all or nothing?
Wayland simply doesn’t have protocols for most of this stuff. (Applications are supposed to use D-Bus and portals.) Developing new protocols that offer X11-like functionality is a large investment and will also need changes in the toolkits and apps to make it work.
No one is advocating X11. It’s hard to have a constructive conversation about the shortcomings of Wayland when every apologist seems to immediately go off topic.
“I don’t want to listen because you don’t know the technical challenges. Oh, you have a long list of credentials? I don’t want to listen to an argument from authority. X11 bad, therefore Wayland good.”
OP even brings up Mir, but you never see Wayland proponents talk about why they think Wayland is better.
That is a serious problem, but advocating X11 will not solve anything. Wayland is being improved every day, while X.org is in deep maintenance mode.
And let’s not pretend that X.org is perfect. Race conditions at least can be fixed, even if it takes a lot of time and effort. Worst case, someone will rewrite wlroots in Rust. But in X11 any application can kill other applications, install a key logger, pin itself to the foreground, etcetera. This is by design: it’s what makes window managers,
xkill
andxeyes
work. It’s also a huge security flaw that can never be fixed.That security argument is like advocating wearing a motorcycle helmet when walking down the street. It sounds like a great idea and super safe, but it’s also super impractical and the things it’s supposed to protect against are extremely unlikely.
But ok, more security isn’t a bad thing. But why not make it an option, like SELinux for example? That way users can choose a degree on a scale between security and convenience that suits their use case and circumstances. Why make it all or nothing?
It’s a valid concern IMO. Any application on X11 can install a key logger, record your screen, and influence other applications in a myriad of ways. With open source software from a trusted repository, this is not an issue, but an increasing number of people run random binary blobs from Steam, the Snap Store and Flathub. I am 100% certain that some less-conscientious publishers are already using X11 features to build ad profiles of their users; it’s a matter of time before the first ransomware will appear. The only sensible way to prevent this, is to confine applications to their own space.
Wayland simply doesn’t have protocols for most of this stuff. (Applications are supposed to use D-Bus and portals.) Developing new protocols that offer X11-like functionality is a large investment and will also need changes in the toolkits and apps to make it work.
No one is advocating X11. It’s hard to have a constructive conversation about the shortcomings of Wayland when every apologist seems to immediately go off topic.
“I don’t want to listen because you don’t know the technical challenges. Oh, you have a long list of credentials? I don’t want to listen to an argument from authority. X11 bad, therefore Wayland good.”
OP even brings up Mir, but you never see Wayland proponents talk about why they think Wayland is better.