Originally posted by kpedersen
View Post
XDMCP does not have proper session to session isolation.
Originally posted by M@yeulC
View Post
Lets take waypipe example instead. Its using ssh remote. You don't have to run anything graphical/complex on the accessed server to display a login dialog instead ssh is starting up the session.
This is what XDMCP is allowing you to run a display manager and show a login in screen that is rendered on the server and historically and horrible wrong allowed you to change the login managers session into the user session and back again without restarting X11 server hello major security flaws. This multi user session stuff is really really bad.
Wayland only really need to be single user session. Of course wayland being a single user session protocol does not mean a server cannot run multi wayland single user sessions at the same time this is secure that you start session when user login details are valid and you end session when user logs out none of the multi user session transferring users between session. Items like ssh, logind.... to take care of the login and create the session. Basically lot cleaner design.
Login manager running under wayland session does not come the user session as X11 did.
Windows RDP also after the login screen in fact changes session this can be a cause of some of RDP security problems.
Comment