ubuntu-phone team mailing list archive

Thread
Date

Re: M10 Libertine

To: ubuntu-phone@xxxxxxxxxxxxxxxxxxx
From: "Stephen M. Webb" <stephen.webb@xxxxxxxxxxxxx>
Date: Thu, 28 Apr 2016 13:52:26 -0400
In-reply-to: <57224828.7040909@radamanthys.de>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1

On 16-04-28 01:28 PM, Christian Hahn wrote:
>
> What are the reasons to run each programm with it's own Xmir-server, in
> it's own confinement?
> What do I have to do to just start a Xmir-Server?

X11 is an inherently insecure platform on which to run untrusted software.  It's simple and easy to inject keystrokes,
intercept keystrokes, scrape screens, and even launch privileged applications through the X server.  With each
application running its own private X server, none of that is possible.  The disadvantage is that conveniences like data
sharing and input methods (including on-screen keyboards) that used to pass data in the clear through the X server now
need to be done using other more secure mechanisms.

You can't just start an XMir instance either, because there are measures in place to prevent arbitrary programs from
simply connecting to Mir and reading your passwords and banking information as you enter them.

-- 
Stephen M. Webb  <stephen.webb@xxxxxxxxxxxxx>

Follow ups

Re: M10 Libertine
From: Selene Scriven, 2016-05-04
Re: M10 Libertine
From: Christian Hahn, 2016-04-28

References

M10 Libertine
From: Christian Hahn, 2016-04-28