top | item 30918340 Firefox 99 33 points| nimar | 3 years ago |mozilla.org 6 comments order hn newest [+] [-] kevincox|3 years ago|reply > The Linux sandbox has been strengthened: processes exposed to web content no longer have access to the X Window system (X11).That is a very significant step. I wonder if this applies to Wayland users as well or if this was already a non-issue. [+] [-] WhyNotHugo|3 years ago|reply It's less of an issue on Wayland.Clients can't randomly snoop onto what others are doing (e.g.: record keystrokes while on background).There's still _some_ attack surface on Wayland, but less than there was on Xorg.BTW: Note sure if this feature was implemented for Wayland, but it sounds like it wasn't. [+] [-] kup0|3 years ago|reply I wonder if this will break the hardware acceleration I've enabled to run in Firefox in X11 by using the VAAPI flags/etc [+] [-] alophawen|3 years ago|reply The issue with Xorg is that it runs as root by default (there seems to be ways to run it as non-root according to Gentoo Wiki, but I'm pretty sure most popular distros runs it as root).One of the selling points of wayland is that it does not.EDIT: See child replies. I am outdated info. load replies (1)
[+] [-] kevincox|3 years ago|reply > The Linux sandbox has been strengthened: processes exposed to web content no longer have access to the X Window system (X11).That is a very significant step. I wonder if this applies to Wayland users as well or if this was already a non-issue. [+] [-] WhyNotHugo|3 years ago|reply It's less of an issue on Wayland.Clients can't randomly snoop onto what others are doing (e.g.: record keystrokes while on background).There's still _some_ attack surface on Wayland, but less than there was on Xorg.BTW: Note sure if this feature was implemented for Wayland, but it sounds like it wasn't. [+] [-] kup0|3 years ago|reply I wonder if this will break the hardware acceleration I've enabled to run in Firefox in X11 by using the VAAPI flags/etc [+] [-] alophawen|3 years ago|reply The issue with Xorg is that it runs as root by default (there seems to be ways to run it as non-root according to Gentoo Wiki, but I'm pretty sure most popular distros runs it as root).One of the selling points of wayland is that it does not.EDIT: See child replies. I am outdated info. load replies (1)
[+] [-] WhyNotHugo|3 years ago|reply It's less of an issue on Wayland.Clients can't randomly snoop onto what others are doing (e.g.: record keystrokes while on background).There's still _some_ attack surface on Wayland, but less than there was on Xorg.BTW: Note sure if this feature was implemented for Wayland, but it sounds like it wasn't.
[+] [-] kup0|3 years ago|reply I wonder if this will break the hardware acceleration I've enabled to run in Firefox in X11 by using the VAAPI flags/etc
[+] [-] alophawen|3 years ago|reply The issue with Xorg is that it runs as root by default (there seems to be ways to run it as non-root according to Gentoo Wiki, but I'm pretty sure most popular distros runs it as root).One of the selling points of wayland is that it does not.EDIT: See child replies. I am outdated info. load replies (1)
[+] [-] kevincox|3 years ago|reply
That is a very significant step. I wonder if this applies to Wayland users as well or if this was already a non-issue.
[+] [-] WhyNotHugo|3 years ago|reply
Clients can't randomly snoop onto what others are doing (e.g.: record keystrokes while on background).
There's still _some_ attack surface on Wayland, but less than there was on Xorg.
BTW: Note sure if this feature was implemented for Wayland, but it sounds like it wasn't.
[+] [-] kup0|3 years ago|reply
[+] [-] alophawen|3 years ago|reply
One of the selling points of wayland is that it does not.
EDIT: See child replies. I am outdated info.