this post was submitted on 11 Feb 2025
444 points (96.2% liked)
linuxmemes
22425 readers
2044 users here now
Hint: :q!
Sister communities:
Community rules (click to expand)
1. Follow the site-wide rules
- Instance-wide TOS: https://legal.lemmy.world/tos/
- Lemmy code of conduct: https://join-lemmy.org/docs/code_of_conduct.html
2. Be civil
- Understand the difference between a joke and an insult.
- Do not harrass or attack users for any reason. This includes using blanket terms, like "every user of thing".
- Don't get baited into back-and-forth insults. We are not animals.
- Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
- Bigotry will not be tolerated.
- These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
3. Post Linux-related content
- Including Unix and BSD.
- Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of
sudoin Windows. - No porn. Even if you watch it on a Linux machine.
4. No recent reposts
- Everybody uses Arch btw, can't quit Vim, <loves/tolerates/hates> systemd, and wants to interject for a moment. You can stop now.
5. 🇬🇧 Language/язык/Sprache
- This is primarily an English-speaking community. 🇬🇧🇦🇺🇺🇸
- Comments written in other languages are allowed.
- The substance of a post should be comprehensible for people who only speak English.
- Titles and post bodies written in other languages will be allowed, but only as long as the above rule is observed.
Please report posts and comments that break these rules!
Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't remove France.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
All possible. X had some age-old protocol enabling oval and whatnot windows and noone ever used it, whether you use CSD or SSD you can paint with alpha and say "nope, that mouse click wasn't for me". So even if logically all windows are rectangular because that makes sense because textures are rectangular and you really don't want to complicate things at that level, UX-wise you can have fractal borders if you really want.
...anything "in hyperland" is a hyperland problem, not a wayland problem.
All Things compositors can do.
Faking input devices is compositor responsibility, for obvious security reasons.
As if Java and X work well together.
Weston does this, protocols support it, I don't think it's much of a priority for other compositors. The most common multiple pointing device configuration is to have both devices control one pointer. My tablet works and the tip is properly analogue that's plenty of functionality for me (dunno if tilt works by now, blender doesn't use it anyways).
So this is my big issue with Wayland - nothing is a ”Wayland problem”. Everything lands on the compositors. Features that existed for the past few decades in X and are deeply integrated into the ecosystem were relegated to second class citizens or just ignored. (Can we share our screens with Zoom yet?)
I won’t argue that X is flawless or should live forever. X should die. However, X actually solved problems instead of just providing a bunch of (IMHO) half baked ”protocols” so that someone else can solve the problem. From the perspective of a user or application developer, that’s just hot potatoes being passed around. And there have been plenty of hot potatoes the past decade.
Thank you for reading my yearly Wayland rant. I’ll now disappear into my XMonad-fueled bliss, fully software rendered.
There were ten years that the desktop environment people wasted, where all those interfaces could have been created but they only started in earnest once the x.org devs put their foot down and said "nope we're serious x.org is unmaintainable we're not doing this any more".
And no, X didn't solve any of those problems -- what it did was provide completely unrestricted access to everything to anyone and it took multiple decades before different clients would stop fighting each other over control over the desktop. That clusterfuck was one of the things that x.org devs wanted to avoid, but they, not being DE devs, also didn't know what DE people actually needed. So they asked. And, as said, didn't get an answer.
Sure, I’ll do another mini-rant.
I have no idea what real world threat model and threat actor the Wayland people are going for. A threat actor with code execution on a Linux desktop immediately has access to the filesystem and can do whatever anyway, in practice (see also: Steam deleting home directories). Privilege Escalation is a thing and namespaces in Linux are kinda meh. Run your untrusted code in an ephemeral VM.
My point is just that once you have a threat actor running code on your system, it’s game over regardless of whatever your desktop tries to do. (I’ll run with the Maginot Line comparison here, but Wayland is more like a locked door without walls.)
The security issues with X were the X-Forwarding-stuff being kinda bad, not the ”full access to everything”-stuff. I want my applications to access my things, otherwise I wouldn’t run the application.
If your threat model seriously needs sandboxing, you’ll wanna go the Qubes-route. Anyways, Arcan seems to have a more reasonable threat model than Wayland if you wanna go that route.
Thanks for reading my yearly mini rant on why Wayland’s security don’t matter and only gets in the way of the user and application developer.
No.
You misunderstood totally. I'm not saying it's not possible. There isn't a compositor making use of those things, but many X WMs that do.
There's no X WMs that fake input devices, or organise global hotkeys, or a thousand other things people always quote when bashing wayland. You can get bog-standard X applications which do that because X has literally no security model, but the feature set between e.g. KDE on X and KDE on wayland is virtually identical.
It's like you want to misunderstand me. I'm not bashing Wayland. That part of my comment isn't about WMs and compositors. It's about how hard it is to make macro that does a few clicks and types a few keys into an app etc.. It's still very hard in Wayland. I'm sure it will get better some day, but we're not there yet.
Have a look here. Not sure how they do it the proper way would be to run the desktop environment as a subcompositor of autokey.
Meanwhile, though, do try CLI automation. It's the Unix way.