If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.
Announcement
Collapse
No announcement yet.
XWayland & X.Org Server See New Releases Due To Three More Security Vulnerabilities
X.org doe not have security issues if you run it rootless
Other than programs being able to escape confinement or being able to be chained via another exploit (e.g. via a browser) to compromise the user account, and from there it's easy to get to system level root since we can just create a fake sudo that captures the password.
and even if the program doesn't get root, can still snoop on your banking details as long as you use xorg.
It definitely sucks be be a non-Wayland user, like the Linux Mint guys!
As eager I am to move to Wayland, it sucks way more not having all the needed features, like AnyDesk and TeamViewer support!
(and this is true also for all the many use cases other people come up with, even kind of niche ones)
And? Wasn't one of the problems of X11 that it was too huge already?
So why use the Linux kernel? Go use MS-DOS.
I didn't get the impression X11 was too huge, but more that it dragging along a lot of old baggage. Much of that baggage is where X.org's security issues lie. The Linux kernel is actually decently good at keeping itself fresh.
Xorg sure has been getting a lot of security releases and new feature releases lately for such a "dead" project with "no developers".
Outside of ultra-bloated Gnome and KDE and a couple of wonky window managers, Wayland simply does not work, meaning the two-thirds majority of us who simply want a midweight desktop or a functional lightweight window manager are stuck with Xorg. That's the simple fact. If you cheerlead against the continued work on Xorg, you are quite simply cheerleading against 2/3 majority of your fellow GNU/Linux users having a safer and more robust display server. Try not to be so selfish and narcissistic.
you missing the key point: the linux kernel is actively developed and maintained.
X11 is not, all the X11 developers moved to Wayland.
Do all of us a favor and use the C64.. and do not connect it to the internet
these platitude never make any sense. the x11 developers went to mesa, and gpu driver development. we all get that the remaining x11 limitations will not get addressed, but it's not just sitting there bit-rotting. still used, still supported, and still improving as mesa/gpu development improves xorg users just like it does wayland sufferers.
So scraping your logins and passwords is nothing to worry about?
Find me a single piece of malware stealing data using X.org. We've had "broken" "insecure" X11 for over 40 years now. Where the hell are the millions of people who have lost fortunes due to X11's insecurity? Where are all the tens of thousands of viruses?
Find me a single piece of malware stealing data using X.org. We've had "broken" "insecure" X11 for over 40 years now. Where the hell are the millions of people who have lost fortunes due to X11's insecurity? Where are all the tens of thousands of viruses?
I think you are conflating exposure with security. Or do you really think these vulnerabilities are not real?
It has its benefits being a low value target running an obscure platform. ("Where the hell are the millions of X11 desktop users?" ) So being a Linux desktop user is inherently less risky (than eg. Windows). But most people still wants their Linux desktop without obvious security holes.
Oh - and the examples of Linux malware certainly are out there. You can just as well search for it yourself...
Comment