← Back to team overview

ubuntu-phone team mailing list archive

Re: M10 Libertine

 

On 16-04-28 01:28 PM, Christian Hahn wrote:
>
> What are the reasons to run each programm with it's own Xmir-server, in
> it's own confinement?
> What do I have to do to just start a Xmir-Server?

X11 is an inherently insecure platform on which to run untrusted software.  It's simple and easy to inject keystrokes,
intercept keystrokes, scrape screens, and even launch privileged applications through the X server.  With each
application running its own private X server, none of that is possible.  The disadvantage is that conveniences like data
sharing and input methods (including on-screen keyboards) that used to pass data in the clear through the X server now
need to be done using other more secure mechanisms.

You can't just start an XMir instance either, because there are measures in place to prevent arbitrary programs from
simply connecting to Mir and reading your passwords and banking information as you enter them.

-- 
Stephen M. Webb  <stephen.webb@xxxxxxxxxxxxx>


Follow ups

References