Comment 147 Re: X is from a different time

Story

Lack of GUI Isolation as Linux security flaw

Preview

X is from a different time (Score: 5, Interesting)

by mth@pipedot.org on 2014-04-18 13:47 (#146)

X is from a time when flexibility was considered more important than security. So I'm not surprised it is weak in this respect.

If you create a second login session at the display manager, I think that would be shielded from the first: they would be talking to the same X server, but to different displays. If I understand X correctly, snooping is possible between applications connected to the same display (X display, not a physical monitor).

Re: X is from a different time (Score: 3, Informative)

by Anonymous Coward on 2014-04-18 14:03 (#147)

That's kind of the issue: the author points out you can use the xtest application to essentially record keystrokes as they happen, even from someone typing into a root terminal. Her preference is for apps to be unable to communicate with each other, as I understand it, and she claims Windows Vista and up do a better job of addressing this weakness.

Moderation

Time Reason Points Voter
2014-04-18 15:52 Informative +1 songofthepogo@pipedot.org
2014-04-18 17:41 Interesting +1 number6x@pipedot.org
2014-04-21 12:29 Informative +1 nightsky30@pipedot.org

Junk Status

Marked as [Not Junk] by evilviper@pipedot.org on 2015-01-04 19:15