Path: csiph.com!eternal-september.org!feeder.eternal-september.org!.POSTED!not-for-mail From: John Ames Newsgroups: comp.os.linux.misc Subject: Re: Artix Linux and Xlibre Date: Fri, 8 Aug 2025 15:38:58 -0700 Organization: A noiseless patient Spider Lines: 50 Message-ID: <20250808153858.00006557@gmail.com> References: <1063lgp$jmj$2@reader1.panix.com> <1064ag9$1kvkq$1@dont-email.me> <1064m75$1lvr1$1@dont-email.me> <10667je$35rkf$2@dont-email.me> <106bdkb$2s14s$1@dont-email.me> <106bjgj$2t9mq$5@dont-email.me> <106cld0$33q3n$2@dont-email.me> <106l5kp$133ed$3@dont-email.me> <106ohbv$1q0ne$1@dont-email.me> <106s6ae$2irb0$6@dont-email.me> <106thun$2tl20$1@dont-email.me> <20250805120229.00002255@gmail.com> <106ulcf$35j8e$3@dont-email.me> <20250806090124.00005af4@gmail.com> <10716ac$3ok85$4@dont-email.me> <20250807141447.000028d3@gmail.com> <20250807155622.00003411@gmail.com> <1073tqh$empg$7@dont-email.me> <20250808084918.00007e14@gmail.com> <1075q17$ukab$5@dont-email.me> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Injection-Date: Fri, 08 Aug 2025 22:39:03 +0000 (UTC) Injection-Info: dont-email.me; posting-host="9f381b277bbfb883ed5676d8601e9cf0"; logging-data="1014900"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19TUpzcdTBP4k5C9ge2xvF0+sADBax9+Mo=" Cancel-Lock: sha1:3fqVEB9XQJV1WQGvQaimU2McXFs= X-Newsreader: Claws Mail 4.3.0 (GTK 3.24.42; x86_64-w64-mingw32) Xref: csiph.com comp.os.linux.misc:70629 On Fri, 8 Aug 2025 21:25:59 -0000 (UTC) Lawrence D'Oliveiro wrote: > >> If you allow don=E2=80=99t-care cases to apps the user trusts, then al= l it > >> needs to bypass the do-care cases is to pretend to be an app that > >> the user trusts. =20 > >=20 > > If that's a possibility, you've got a serious security failure on > > your hands. =20 >=20 > You mean you just realized that? No. > > But if you *do,* the right thing is to fix the *actual* problem, > > not to construct some Byzantine set of hypothetical safeguards ... =20 >=20 > You have to rethink the architecture. And realize that X11 + any > number of =E2=80=9CByzantine safeguards=E2=80=9D will never work quite as= well as a > purpose-built architecture+protocol that is designed from the ground > up for security. That was never the argument here; X11's cruftiness and insecurity is not in dispute, and nobody (at least in this branch of the discussion) was proposing slapping bandages on it 'til it got better. I am quite prepared to accept that the best thing for freenix going forward would be to replace it with a better system. What we *have* been arguing over (since you've evidently lost track) is Wayland's obstinate, autocratic approach to the design of what they mean to *be* that better system; they expressly intend to replace X11 as the standard display server, but they have for years refused to provide equivalent functionality that doesn't seem necessary to them. They've claimed repeatedly that their reasons for this are based in security concerns - but their own actions give the lie to that, since they finally gave in (by the admission of some of their devs, because they worried about losing their bid for acceptance otherwise.) If they truly believed what they were saying, they wouldn't have done that. And that rationale never made sense to begin with. If it were *ever* the case that malicious actors could remotely induce a Wayland server to display information and accept input on a user session, security would *already* be compromised, whether they could control window size/ position or not. The thing to do is design a system where that *can't happen* - hobbling legit programs on the off chance that you might slightly hamper some future burglar is just inane.