X.org server

For discussions about security.
Post Reply
Message
Author
labbe5
Posts: 2159
Joined: Wed 13 Nov 2013, 14:26
Location: Canada

X.org server

#1 Post by labbe5 »

http://www.techrepublic.com/article/a-l ... rom-x-org/

Linux users are aware of the long-standing debate between X.org server and Wayland, and why we all should switch to Wayland.

The fact is X.org server has built-in vulnerabilities, and Wayland is a response to that.

Read on :
For those that don't know, X was originally designed and released in 1985 and X11 in 1987. X.org replaced X11 and was originally released April 6, 2004. When X was originally conceived, the computing world was in a completely different state. Both X and X.org lack a few very important security features that are critical for modern era usage and hardware.

Effectively, with X.org, your display could be turned into a keylogger. That, my friends, is reason enough to warrant the switch. Thing is, however, few distributions have officially made the jump from X.org to the likes of Wayland. In fact, the only major distribution to make the switch is Fedora. And we all know what happened with the Ubuntu Desktop and its attempted migration from X.org. The good news on that front is that Ubuntu 18.04 will be making use of the newer Wayland X server. Once Ubuntu makes the switch, Ubuntu spinoffs will also enjoy the change.

A few smaller distros that are already implementing Wayland. For instance, RebbecaBlackOS (a Debian testing distribution) uses Wayland by default. Two other lesser-known distributions that rely on Wayland are Liri and MauiOS. Fedora is the only major distribution to use Wayland.

If you are overly concerned about security (which, let's face it, you should be), it would behoove you to either implement Firejail.

Firejail version is now 0.9.50. For you to install latest version, don't rely on repositories. You should compile Firejail : $ ./configure && make && sudo make install-strip
Or use a Puppy compiler.

Trinitydog users may install Firejail and do :
$ sudo firecfg
This command integrates Firejail into your desktop.
But run sudo firecfg every time you install a new program.
https://firejail.wordpress.com/features-3/man-firecfg/

On a personal note, i prefer using Firejail in terminal, because i can set which dns are to be used with Firefox, such as in this example : firejail --private --dns=84.200.69.80 --dns=84.200.70.40 --caps.drop=all firefox -no-remote
When integrated into your desktop, all applications that have a Firejail profile are sandboxed.
Top
User avatar
rufwoof
Posts: 3690
Joined: Mon 24 Feb 2014, 17:47

#2 Post by rufwoof »

Effectively, with X.org, your display could be turned into a keylogger. That, my friends, is reason enough to warrant the switch.
See this Reddit https://www.reddit.com/r/linux/comments ... over_xorg/ and search for the text around ....
Security of Wayland is better than of X.org.

Absolutely not. This is a giant myth. Wayland has the exact same security situation as X11 right now. All clients can completely manipulate each other outside of a sandbox and they can't touch each other inside of a sandbox.

This is a myth that Wayland propaganda loves to spread
Top
Post Reply

Return to “Security”