
Re: When wayland spreads it looks like no more running gui's as root.




On Tue, 18 Apr 2017 10:27:51 +0200
René J.V. Bertin <rjvbertin@xxxxxxxxx> wrote:

> On Tuesday April 18 2017 02:20:24 Duncan wrote:
> 
> ...
> >Wayland is, OTOH, designed with security in mind, to run as a normal 
> >user, and under normal circumstances, only the compositor will be able to 
> >globally read what's typed into other applications and their windows (and
> ...
> >Now I'm not specifically sure about your headline claim, but it /does/ 
> >stand to reason that with the higher wayland security, you may not be 
> >able to /directly/ run apps as another user (including root), like you 
> >can on X.  
> 
> Why would that stand to reason? If Wayland preserves a few key design principles from X11 it should indeed be able to separate GUI events to and from applications just like the kernel can separate other kinds of events between running applications.
> I understand this is already the case within applications run by a single user, it's no longer possible to do tricks like handing a Qt WId to a slave process like kwalletd so it presents a dialog as if the originating application posted it itself. Once you have that level of separation the question as to what UID an application runs should actually be moot.
> 
> R

It sounds to me, Duncan, that you have read a lot less of it than I did.

A lot of the reasons for the changes are flawed. Some of it is probably down to ideas from people who essentially do everything in a console and by the sound of it aren't really aware of some fundamental aspects about software. It's vulnerable at all levels and most hacking starts at the lower levels anyway and will continue to do so because in typical use they are way too complex to be sure that they are 100% secure. In general connection to a network is the usual way in, often via some software that is installed at that level. The ease via the network is flaws from way back when the general setup was used for purposes somewhat different to how they are used today. A lot less extensively as well.

All it needs to fix this from a user point of view anyway is another class of user. No one wants to run a desktop as root for anything other than specific apps and for short periods of time, and why on earth should they not be able to?

X hardly does anything any more, which is the only reason Wayland is happening. I must assume Duncan's machine doesn't have AppArmor or polkit installed.

What it's all about really is doing something to improve a company's lot, such as this one:

https://en.wikipedia.org/wiki/Canonical_(company)

More customers needing to pay for support. A trade-off between that and license fees. Having had to work on Windows I don't think they have an earthly on anything other than relatively small outfits. Novell had a better business model and look what happened to them. I ran one of their servers for a while and wasn't at all surprised that this happened. Interesting point really. The millennium bug was a good excuse for lots of companies to get rid of it. Doesn't Unix have one coming up?

Sorry, I think this is another false start and will get done all over again at some point. As we all know, from time to time we have to put up with half-baked ideas, but this one is more extreme than some of the others.

I also use a GUI that drives some lower level software that does need to make system level changes. It's the only way I can realistically colour manage my PC and ensure that all apps show the same thing. Part of that is that I'll probably find I have 3 of them installed and that some apps aren't managed at all. I wonder how many other GUIs are about that do this sort of thing for other reasons. The whole reason for windows on any OS is that they are a much more attractive method of working on the machine, whatever is being done.

John