exceptione 4 days ago

Good question.

It makes sand-boxing security impossible. The moment a process has access to the Xorg socket, it has access to everything. It is weird that this is oftentimes missing from the discussion though.

altern8 4 days ago

Can't this aspect be improved, vs. switching to something else?

sprash 4 days ago

It is already possible today. There are access control hooks provided via XACE. Nobody uses them because the attack scenario is basically non-existent. If you run untrusted malicious apps having full access to your home directory you have big problems anyways. Not giving them access to e.g. the screen coordinates of their windows won't help you much then.

redeeman 4 days ago

which is exactly why you often don't give your sandboxed applications full access to your home directory :)

exceptione 3 days ago

I fear it is an unsalvageable part of the Xorg design. The software is really old, including its assumptions about security. The original developers judged Xorg is really not saveable.

Any extra effort on X11 might help to buy more time, but will in the end be for nothing. And in this time of supply-chain attacks, vs-code plugins, npm packages, agents and what-not, X11 is just too dangerous.

antisol 2 hours ago

> The original developers judged Xorg is really not saveable.

No, the original developers judged that they couldn't be bothered saving it. This has no relationship with whether it can be saved.

> Any extra effort on X11 might help to buy more time, but will in the end be for nothing. And in this time of supply-chain attacks, vs-code plugins, npm packages, agents and what-not, X11 is just too dangerous

Wow, this is some impressive vague fearmongering. Please explain what npm packages, vs-code plugins, and "agents" have to do with X11 being "just too dangerous"?

Here, I'll try one:

"Even in 2026 the developer of the i3 window manager says wayland isn't ready for real use. Any effort poured into wayland might delay its inevitable collapse but in these days of nodejs, rising authoritarianism, and climate change it's clear that it will never actually gain wide acceptance"

ElectroBuffoon 3 days ago

QubesOS and Xpra+Firejail demonstrate security can be improved including the X11 side. Solaris had Trusted Extensions. X11Libre has a proposal for using different magic cookies to isolate clients and give dummy data to the untrusted. Keith Packard also proposed something in 2018.