Announcement

Collapse
No announcement yet.

Another X.Org Security Advisory Disclosed Today

Collapse
X
Collapse
 
  • Page of 3
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
  • #11
    Originally posted by uid313 View Post
    Maybe they should rewrite Wayland in Rust then...
    or java

    Comment

    • #12
      Originally posted by uid313 View Post
      Maybe they should rewrite Wayland in Rust then...
      I know you say that sarcastically uid, but i really do hope that eventually C and C++ can be phased out for Rust or a Rust-Like language where its memory-safe. Its not that programmers don't know what they are doing or are bad, its not that at all, but accidents and bugs do happen and if we can negate some of them before they ever even occur then all the more power to us.
      All opinions are my own not those of my employer if you know who they are.

      Comment

      • #13
        Originally posted by gens View Post
        or java
        Java is heavy and has overhead.
        Java may be good for application software, but perhaps not so much for system software.

        Originally posted by Ericg View Post
        I know you say that sarcastically uid, but i really do hope that eventually C and C++ can be phased out for Rust or a Rust-Like language where its memory-safe. Its not that programmers don't know what they are doing or are bad, its not that at all, but accidents and bugs do happen and if we can negate some of them before they ever even occur then all the more power to us.
        No, I wasn't being sarcastic.
        I was being serious.

        It is very difficult to to code proper and safe in C and takes a lot of knowledge, a lot of effort, a lot of time, and it is so easy to shoot yourself in the foot.
        Even when inspecting the code, it is very difficult to spot bugs.

        Rust is very robust and safe and brings many advantages over C. It also low level and fast and as far as I know does not bring disadvantages.

        Perhaps Rust could take over as the natural successor to C.

        Comment

        • #14
          Originally posted by uid313 View Post
          Maybe they should rewrite Wayland in Rust then...
          Not sure what that means. Wayland is just a protocol. Maybe you are referring to Weston? That doesn't affect other independent compositors.

          Comment

          • #15
            Originally posted by RahulSundaram View Post
            Not sure what that means. Wayland is just a protocol. Maybe you are referring to Weston? That doesn't affect other independent compositors.
            Well, maybe libwayland and the libraries, and yeah maybe Weston too.

            But I guess C makes sense for the reference implementation.

            Comment

            • #16
              Is anyone auditing Wayland / Weston / Mir for security vulnerabilities?

              Comment

              • #17
                Originally posted by gens View Post
                or java
                Or haskell.

                Comment

                • #18
                  Originally posted by Ericg View Post
                  Runs as user if using logind (at least on Fedora, idk if those patches got propagated out to other distros) and the open source drivers.
                  Still root here on Kubuntu 14.10:
                  Code:
                  steve@t520:~$ [B]ps -f -p $(pidof X)[/B]
UID        PID  PPID  C STIME TTY          TIME CMD
root      8749  1305  1 Mar16 tty7     00:42:25 /usr/bin/X :0 vt7 -br -nolisten tcp -auth /var/run/xauth/A:0-Al4k6a
                  Intel graphics drivers; using systemd-logind.

                  Comment

                  • #19
                    Originally posted by steveriley View Post
                    Still root here on Kubuntu 14.10:
                    Code:
                    steve@t520:~$ [B]ps -f -p $(pidof X)[/B]
UID        PID  PPID  C STIME TTY          TIME CMD
root      8749  1305  1 Mar16 tty7     00:42:25 /usr/bin/X :0 vt7 -br -nolisten tcp -auth /var/run/xauth/A:0-Al4k6a
                    Intel graphics drivers; using systemd-logind.
                    All the necessary patches have been pushed upstream by Fedora but your distribution has to setup some configuration for it to work out of the box. Ask them.

                    Comment

                    • #20
                      Originally posted by RahulSundaram View Post
                      All the necessary patches have been pushed upstream by Fedora but your distribution has to setup some configuration for it to work out of the box. Ask them.
                      There's still no support in lightdm and sddm:
                      1078808 – lightdm: RFE: add support for starting X inside a user session for: https://fedoraproject.org/wiki/Changes/XorgWithoutRootRights
                      https://bugzilla.redhat.com/show_bug.cgi?id=1078808

                      1078810 – sddm: RFE: add support for starting X inside a user session for: https://fedoraproject.org/wiki/Changes/XorgWithoutRootRights
                      https://bugzilla.redhat.com/show_bug.cgi?id=1078810

                      Comment

                      Previous 1 2 3 template Next
                      Working...
                      X