X.Org Server 21.1 Will Aim To Release In The Coming Weeks


  • #91
    Originally posted by smitty3268 View Post

    birdie is what he is, that's never going to change.

    I blame you (or Michael) or whoever has the capability to permaban these people from Phoronix but chooses not to.

    Phoronix has cultivated this kind of community for itself.
    I have reported him several times. Michael in fact tells me birdie is very annoying, and has banned him twice before.
    I have tried my best by deleting his messages, but I have a different timezone and often by the time I wake up the flamewar has already started.

    birdie hates me with a passion...
    Last edited by tildearrow; 10 August 2021, 10:35 PM.

    Comment


    • #92
      Originally posted by tildearrow View Post
      Problem is, Wayland devs think that the only way to fix X's security nightmare is by removing everything. Wayland has no data query protocols (e.g. retrieving key or mouse events/position) and instead leaves this up to the compositor, which leads to fragmentation and increased developer work (read the post about Synergy on the second page for an example of a real use case of this feature!).
      The right way to fix X's lack of security is by adding a permission system. macOS did this, and it works very well. But Wayland devs will never realize that.........
                Allows keyloggers   Allows benign data query (e.g. Synergy)
      X11       Yes                 Yes
      Wayland   No                  No
      macOS     No                  Yes
      This is kind of wrong because you overly simplified it. You need to take a closer look at MacOS. The area of macos that does the same functionality as the wayland protocol does not support any more features than wayland does. Apple has their equal to the dbus protocol.

      Allows benign data query under MacOS is done in different ways, but not in ways that suggest a need for a wayland protocol change.

      Like the keyboard faking and capturing of Synergy on MacOS is done by using the IOKit/hidsystem/IOHIDLib.h; this is the same as using Linux kernel uinput. Yes, the IOHIDLib.h bit of Mac OS is not connected to the graphical compositor of macos in any direct way. So keyboard is not done by data capture protocols on MacOS at all but by the device layer.

      Mouse is connected to MacOS interfaces for doing remote desktop to know where the mouse pointer is. What would be the wayland desktop one of this.
      https://flatpak.github.io/xdg-deskto....RemoteDesktop.

      The result of looking at this would be.
      The faking and capture of keyboard would be uinput. The faking of mouse movement itself would be uinput. Tracking where the mouse movement is, that would be the RemoteDesktop interface of the portal. Notice something here: no Wayland, yet I am attempting to hook up Synergy on Linux the way it is hooked up on macos. Yes, hooked up this way there is a possibility that barrier/synergy could work on Linux text mode ttys as well.

      tildearrow, when you look closely at Synergy on macos and where it is hooking up to, macos is not suggesting that there needs to be any data query protocols in wayland at all. Remember dbus has a permission system.

      tildearrow, it's common to make an unfair comparison to macos because macos is a collection of things. The problem here is that when you in fact break down how it is being done in macos, it's not going near the parts in macos that would be the wayland compositor in macos communication channels for graphical data. So if we are following macos' lead here there will be no data query protocols in wayland, because macos does not say they should be at that location.

      Comment
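Post #92 places Synergy-style keyboard faking on Linux at the device layer (uinput) rather than in the display protocol, which means such devices show up in the kernel's input device list. The following is an added example, not part of the thread: it parses the `/proc/bus/input/devices` format and flags keyboard-capable devices whose sysfs path is under `/devices/virtual/input/`, where parentless devices such as uinput-created ones appear. The sample listing and device names are constructed, and the sysfs-path test is a heuristic assumption.

```python
import re

# Constructed sample in the /proc/bus/input/devices format (not from a real host).
SAMPLE = '''\
I: Bus=0011 Vendor=0001 Product=0001 Version=ab41
N: Name="AT Translated Set 2 keyboard"
S: Sysfs=/devices/platform/i8042/serio0/input/input3
H: Handlers=sysrq kbd event3 leds

I: Bus=0003 Vendor=1234 Product=5678 Version=0001
N: Name="example-virtual-keyboard"
S: Sysfs=/devices/virtual/input/input21
H: Handlers=sysrq kbd event18

I: Bus=0019 Vendor=0000 Product=0001 Version=0000
N: Name="Power Button"
S: Sysfs=/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0
H: Handlers=kbd event0
'''

def parse_devices(text):
    """Split the listing into one dict per device (stanzas are blank-line separated)."""
    devices = []
    for stanza in re.split(r"\n\s*\n", text.strip()):
        dev = {"name": "", "sysfs": "", "handlers": []}
        for line in stanza.splitlines():
            tag, _, rest = line.partition(": ")
            value = rest.partition("=")[2]
            if tag == "N":
                dev["name"] = value.strip('"')
            elif tag == "S":
                dev["sysfs"] = value
            elif tag == "H":
                dev["handlers"] = value.split()
        devices.append(dev)
    return devices

def virtual_keyboards(devices):
    """Names of devices with no hardware parent in sysfs that are bound to 'kbd'.

    Heuristic: other parentless drivers can also register under this path.
    """
    return [d["name"] for d in devices
            if d["sysfs"].startswith("/devices/virtual/input/")
            and "kbd" in d["handlers"]]

if __name__ == "__main__":
    # On a Linux host, pass open("/proc/bus/input/devices").read() instead of SAMPLE.
    for name in virtual_keyboards(parse_devices(SAMPLE)):
        print("virtual keyboard-capable device:", name)
```
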


      • #93
        Originally posted by tildearrow View Post

        I have reported him several times. Michael in fact tells me birdie is very annoying, and has banned him twice before.
        I have tried my best by deleting his messages, but I have a different timezone and often by the time I wake up the flamewar has already started.
        So then it's Michael.

        Deleting a few messages does nothing because the flamewars already take over the whole conversation, and the same is true for a couple 1 day bans. Everyone knows there are no real consequences for trolling on Phoronix, so nobody cares.

        If anything, I bet birdie treated those days like a mini-vacation where he didn't have to worry about how he was going to troll people, and then came back the next day refreshed and ready to go again.


        Edit - Nobody will probably believe this, but around a couple of years ago I was planning to make a paypal payment to Michael because he'd had a run of several very interesting articles in a row that week. But then I ended up reading one of the comment sections that had devolved into a mess and vowed to myself he won't see another cent from me while the forums are so badly mismanaged. So Michael, this is costing you real money to not clean this up. Maybe not as much as you're getting by just ignoring it, I don't know. But I have to just put it out there.
        Last edited by smitty3268; 10 August 2021, 11:45 PM.

        Comment


        • #94
          Originally posted by Inopia View Post
          There's still business interest in X.org X11 so it won't die. It's a long transition but I'm sure it'll happen eventually. I'm pretty sure Steam Deck will release with X11 but transition in a further update when they can ensure things work.
          SteamOS 3.0 and SteamDeck have XWayland, but the Steam interface runs with the replacement to steamcompmgr, gamescope -- a minimal Wayland compositor. It gets game frames via Xwayland with zero-copy, and composites with Vulkan and async compute so as not to interfere with games drawing their frames.

          More info here: https://www.reddit.com/r/linux_gamin...k_are_run_via/

          Comment


          • #95
            Originally posted by Weasel View Post
            That's required for things like AutoHotkey to function. BTW, on Windows. Looks like X is perfectly sane to me.
            Attackers are trying a new kind of living-off-the-land attack, misusing Microsoft's AutoHotkey. See how they're doing it and how to defend against them.


            Whoops.....
            Yes, perfectly sane.

            Comment


            • #96
              Holy cow. Major disclaimer: I am not a linux guru and have only been using it as my primary OS for the last ~10 years.

              I can't believe how these conversations devolve. I come to these forums because there are gurus who I love to hear technical insights- even if I don't fully grok them. Why do we have to die on some hill because something has to be either the greatest or the worst. The last experience I had with Wayland was with my work laptop and on login I could pick X11 or Wayland (I ran Wayland 95% of the time aside from when I had to screen share), hardly forced down my throat.

              I applaud the guys continuing to introduce X11 fixes because a transition from something as ubiquitous as X11 is going to be an arduous road and it should be supported until people are satisfied with Wayland meeting their use case. X11 is brilliant and paved the way for so much. It feels like a lot of the work is going to be growing pains to meet feature parity and it might be a bit rough-going.

              Regardless, it seems like Wayland is here to stay. I'm excited because it seems like an architectural shift and sometimes it's just not feasible to refactor a deep codebase to new foundations. Maybe that makes me a fanboy, but I am rooting for them to succeed.

              The last thing people on any of these teams need is a flame-war between non-contributors. Can we please keep the conversations to things like benefits, shortcomings (and how they might be addressed), personal experience, technical experience, possible foresight?

              Comment


              • #97
                Originally posted by oiaohm View Post
                AT-SPI2 supporting applications under Linux with the program off-screen or minimised can be controlled by AT-SPI2 even under Wayland.
                Problem is that I have indeed tried using AT-SPI2 and it has NO function to retrieve the mouse cursor bitmap, not even the current mouse cursor type.

                Comment


                • #98
                  Originally posted by oiaohm View Post
                  The reality here is before changing to file handles they tried 20 different other options that always lead back to failure. Nvidia did put up solution because they were not interested in taking part in development at that time. This is always a bad move to let someone plan your future.
                  You mean NVidia did or didn't?


                  Originally posted by oiaohm View Post
                  This is not a solid argument. Fuchsia is an "everything is an object".
                  Re-read the paragraph, this statement had nothing to do with file or object based. The point being made is putting these security features into Wayland is kinda pointless because the way that Linux is designed, unless you also restrict the data that the program can access then you are not really solving anything. https://blog.martin-graesslin.com/bl...plasmawayland/ is a good explanation

                  This is what I meant when I said putting the cart before the horse, making Wayland really secure is kind of pointless because in context of the security that Wayland is providing (i.e. a random program not being able to take another program's clipboard), Linux programs can do this without Wayland anyways.

                  To do this stuff properly you really do need a capabilities based system, ideally in the kernel, and that's what I meant by Fuchsia/Android.


                  Originally posted by oiaohm View Post

                  mdedetrich, there is a catch here. When designing an OS you really do need to pick an 'everything is a [X]' answer. If you don't, your security framework ends up becoming more and more complex and buggy. Unix/posix early design documents did state the "everything as a file", so their X was file, but then when you check, the selected X, file, was not the case for everything.

                  If you have an OS that is 90% everything is a file and 10% is not, it results in: 10% that has bugs that the other 90% does not have. This is about being able to share developer time making your security and anti-race condition solutions, so getting enough peer review that you get these things right.
                  Uh I think you are completely deluding yourself if you are telling yourself that no problems/bugs exist if you use the buffer as a file is a framework. Most things being a file is an abstraction; saying such a feature inherently makes something secure is bullshit.

                  The only kernels that can claim that something is proven to be secure (in a mathematical sense) are something like sel4 https://sel4.systems/. If you want to prove something is secure, then you need to use a theorem prover along with the associated language/tools, otherwise you are just lying out of ignorance.

                  Originally posted by oiaohm View Post
                  Linux and BSD and Unix have had a split personality problem where people state that unix is everything is a file, but in reality it was everything is a file for 90% of cases, with the 10% of cases not file but using domain particular things that turned out to have not enough peer review, so are buggy and do not integrate with the host OS security system properly.
                  No, it turned out that treating everything as a file is not the panacea it used to be, which is why Plan9 got nowhere; this is the classic 80/20 problem. I am sorry, but whenever someone says that some concept is the solution for every problem it just demonstrates they are naive and lack experience. It's fine that you are willing to accept some design concept even with its flaws just for the sake of consistency, but that doesn't mean it's flawless.

                  Comment


                  • #99
                    Originally posted by tildearrow View Post
                    Problem is that I have indeed tried using AT-SPI2 and it has NO function to retrieve the mouse cursor bitmap, not even the current mouse cursor type.
                    When you are off screen, getting a mouse cursor bitmap is not promised to be correct either under windows or mac os or X11. Yes, you might have a report when a window is off screen that you have the text cursor type when you are in fact outside the text box and above a button that terminates the application; yes, this can happen under windows and X11 and of course wayland. AT-SPI2 always has you in off screen mode where you cannot in fact be sure to know what in heck the mouse pointer is. Yes, I agree, pain in ass at times. Remember, an application knowing its window is off screen is in its right not to update the mouse pointer status as the mouse crosses over the window.

                    To get the mouse cursor bitmap and current mouse type for on screen windows there is a dbus api that works with wayland compositors.

                    Should fix compatibility with obs-xdg-portal plugin per this. Eventually, we should support all of these cursor modes properly, but for now it might be a good idea to allow this to be "fudged" with...

                    Reporting the current mouse cursor is in the desktop portal screencast feature.

                    xdg desktop portal stuff is where the secure Allows benign data query is.

                    AT-SPI2 really, for off screen, needs the means to say "hey application, with the mouse here in your window, what mouse pointer is this?" As in a direct ask. Remember, an off screen application may not be getting cpu time so can have a hell load of lag. This is why off screen mouse pointer status is absolutely horrible. Yes, that off screen lag applies under X11 as well. Controlling off screen applications, be it X11 or Wayland, you really do need to be able to use at-spi2 to do everything, including at times doing operation paths to create a known state. Doing a data query to X11 for an off screen window is a path to hell, just like it's a path to hell under windows and a path to error not accessible with Mac os.

                    You put "Allows benign data query" as yes for X11. It should be "Allows benign data query yes (but sometimes providing completely incorrect information)" for X11. Mac OS does provide the benign data query correctly or an error of not accessible because the status is missing.

                    tildearrow, like it or not, how to control applications has been a game in broken for quite some time. As in decades.

                    Comment


                    • Originally posted by mdedetrich View Post
                      You mean NVidia did or didn't?
                      Yes they did put a solution it was not fix it. It's possible to be did and didn't at the same time. Sometimes Nvidia put forward solutions are totally wacky.

                      Originally posted by mdedetrich View Post
                      To do this stuff properly you really do need a capabilities based system, ideally in the kernel, and that's what I meant by Fuchsia/Android.
                      What do you think the capabilities system in the Linux kernel from Linux security modules is hooked up to in the most complete way? Files.

                      In Fuchsia the capabilities system is hooked up to objects.

                      Originally posted by mdedetrich View Post
                      Uh I think you are completely deluding yourself if you are telling yourself that no problems/bugs exist if you use the buffer as a file is a framework. Most things being a file is an abstraction; saying such a feature inherently makes something secure is bullshit.
                      No, stop. Security frameworks, even in Fuchsia, have to have an abstraction so they can be applied. This is the "everything is [x]" question. Your security framework has to have an [x] or the security framework cannot be applied correctly.

                      sel4 is an "everything is an object"; its security model works on objects. Yes, objects is how sel4 abstracts everything. That "everything is" question turns out to be very important.

                      Comment
