On Mon, Dec 14, 2009 at 06:08:30AM -0700, Duncan Patton a Campbell wrote:
> On Sat, 12 Dec 2009 23:47:38 +0200 (EET)
> Lars Nooden <lars.cura...@gmail.com> wrote:

> > On Sat, 12 Dec 2009, Duncan Patton a Campbell wrote:
> > > On Wed, 18 Nov 2009 21:51:03 -0800
> > > Ted Unangst <ted.unan...@gmail.com> wrote:
> > >> How many people are aware that any X program can listen to the
> > >> keystrokes of any other X program?

> > > Any machine running or accessed by an X-machine is fundamentally 
> > > insecure to whatever level of perms the accessor has.  Which doesn't 
> > > mean that I don't use X, just that I assume, a priori, that anything on
> > > X is common-wealth.

> > So everything under X should be considered available to everything else 
> > under X.

> > I presume new models for displays, or new ways to get some kind of 
> > privilege separation for X, have been discussed to death 
> > already.  Is there any key discussion or publication?

> I assume you've been to x.org and are asking me for a qualitative assessment
> I'm not qualified to answer;-)  Over the years this issue has re-emerged
> in various contexts with various proposals and I don't think any resolution
> better than a "vetted" code base has been agreed.


Considering the design of X, I don't expect any valid security model to emerge
out of it.

If things are insecure, piling more protocols and more concepts on top of it
is unlikely to make things better. The more complicated, the less secure.

Look at recent X evolution. Tell me which way the wind blows?

The way I read things, they're mostly concerned with getting things faster,
which can often be worthwhile.  And adding more bloat to compete with
Windows applications and eye-candy... that, in some lands, is considered
worthwhile.

From past experience, I would expect much waving of hands over a two-week
period, with lots of experts telling you "It's a complicated problem",
running around in circles finding even MORE complicated problems to solve,
and then things going back to their general state of apathy with respect
to security issues.
