View previous topic :: View next topic |
Author |
Message |
f1tz Tux's lil' helper
Joined: 27 Aug 2020 Posts: 88
|
Posted: Tue Mar 02, 2021 6:57 pm Post subject: New Wayland category inside "Desktop Environments" |
|
|
Dear mods,
to make debugging categorically less irritating, I would suggest to open a new category "Wayland" where we discuss problems, associated with Wayland.
In my modest amount of time spent on Gentoo, I realized that debugging takes quite different routes depending on the Desktop Server/protocol/compositor.
Ignore this message, in case it was my mistake to choose experimental software that has limited users
Regards,
f1tz |
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54588 Location: 56N 3W
|
Posted: Tue Mar 02, 2021 7:00 pm Post subject: |
|
|
f1tz,
Moved from Desktop Environments to Gentoo Forums Feedback.
Its a possibility if there is sufficient demand.
Thank you for the suggestion _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
Zucca Moderator
Joined: 14 Jun 2007 Posts: 3747 Location: Rasi, Finland
|
Posted: Tue Mar 02, 2021 9:19 pm Post subject: |
|
|
I've moved to Wayland on my gentoo machines.
Wayland category as a subforum of "Desktop Environments" is a neat idea.
I'm really an avid user of Wayland (Wayfire) so I could ask questions there and give answers to others.
I vote "yes". :) _________________ ..: Zucca :..
My gentoo installs: | init=/sbin/openrc-init
-systemd -logind -elogind seatd |
Quote: | I am NaN! I am a man! |
|
|
Back to top |
|
|
PlatinumTrinity Tux's lil' helper
Joined: 10 Mar 2020 Posts: 100
|
Posted: Wed Mar 03, 2021 2:54 am Post subject: |
|
|
Does wayland even have enough discussion to justify an entire board? Why not make a thread for it and gauge activity? |
|
Back to top |
|
|
Zucca Moderator
Joined: 14 Jun 2007 Posts: 3747 Location: Rasi, Finland
|
Posted: Wed Mar 03, 2021 8:42 pm Post subject: |
|
|
Given the fact the XOrg does not have anyone (at upstream) to maintain it anymore, yes, I think wayland questions will rise in future.
So maybe the hierarchy goes this way actually: Wayland --> Desktop environments --> gui apps.
Anyway while XOrg still is being used, wayland could have its own subforum.
Then maybe later merge it to the parent subforum... _________________ ..: Zucca :..
My gentoo installs: | init=/sbin/openrc-init
-systemd -logind -elogind seatd |
Quote: | I am NaN! I am a man! |
|
|
Back to top |
|
|
Anon-E-moose Watchman
Joined: 23 May 2008 Posts: 6164 Location: Dallas area
|
Posted: Mon Mar 08, 2021 3:40 pm Post subject: |
|
|
I still use X a significant amount of time, but I am starting to play with wayland.
So maybe start with a sticky for wayland related stuff and if enough traffic then think about a sub-forum.
Zucca wrote: | I'm really an avid user of Wayland (Wayfire) so I could ask questions there and give answers to others. |
I'm just getting it to where I can use it. It's interesting to fire it up from the console, instead of running under X. _________________ UM780, 6.1 zen kernel, gcc 13, profile 17.0 (custom bare multilib), openrc, wayland |
|
Back to top |
|
|
asturm Developer
Joined: 05 Apr 2007 Posts: 9307
|
Posted: Wed Mar 17, 2021 2:02 pm Post subject: |
|
|
I would suggest to use [wayland] tag for now. |
|
Back to top |
|
|
Zucca Moderator
Joined: 14 Jun 2007 Posts: 3747 Location: Rasi, Finland
|
Posted: Wed Mar 17, 2021 7:17 pm Post subject: |
|
|
asturm wrote: | I would suggest to use [wayland] tag for now. | ++ _________________ ..: Zucca :..
My gentoo installs: | init=/sbin/openrc-init
-systemd -logind -elogind seatd |
Quote: | I am NaN! I am a man! |
|
|
Back to top |
|
|
tld Veteran
Joined: 09 Dec 2003 Posts: 1845
|
Posted: Thu Mar 25, 2021 3:42 pm Post subject: |
|
|
Sorry if this is a bit OT...just noticed this thread today.
I wasn't aware of that supposed status of xorg. I have NO words for how this depresses me, especially given wayland's lack of anything like X11 forwarding, which I use all the time. This literally wrecked my day.
EDIT: Never mind I've used nothing but fluxbox for a desktop for decades. Apparently that's a non-starter too(?).
Tom |
|
Back to top |
|
|
Anon-E-moose Watchman
Joined: 23 May 2008 Posts: 6164 Location: Dallas area
|
Posted: Thu Mar 25, 2021 4:07 pm Post subject: |
|
|
The report of X's death is greatly exaggerated.
As far as forwarding and other things, they're gradually making it to wayland. _________________ UM780, 6.1 zen kernel, gcc 13, profile 17.0 (custom bare multilib), openrc, wayland |
|
Back to top |
|
|
mike155 Advocate
Joined: 17 Sep 2010 Posts: 4438 Location: Frankfurt, Germany
|
Posted: Thu Mar 25, 2021 4:57 pm Post subject: |
|
|
tld wrote: | given wayland's lack of anything like X11 forwarding, which I use all the time. |
You shouldn't do that! It's a security nightmare.
As soon as you login to a remote machine using 'ssh -Y' (or something similar), you're lost. Anyone on the remote machine with sufficient privileges can log all your key presses and can make screenshots of you DE at any time. You wouldn't even notice. Really! Don't use X11 forwarding! |
|
Back to top |
|
|
Anon-E-moose Watchman
Joined: 23 May 2008 Posts: 6164 Location: Dallas area
|
Posted: Thu Mar 25, 2021 5:40 pm Post subject: |
|
|
mike155 wrote: | tld wrote: | given wayland's lack of anything like X11 forwarding, which I use all the time. |
You shouldn't do that! It's a security nightmare.
As soon as you login to a remote machine using 'ssh -Y' (or something similar), you're lost. Anyone on the remote machine with sufficient privileges can log all your key presses and can make screenshots of you DE at any time. You wouldn't even notice. Really! Don't use X11 forwarding! |
That's really poor advice. It's perfectly fine, under a lot of conditions.
If anyone that you don't trust can be on any of your systems, then there is always a chance of a breach of security.
As far as security, if you want to be truly secure, unplug your computer, and store it in a closet ... magically safe. _________________ UM780, 6.1 zen kernel, gcc 13, profile 17.0 (custom bare multilib), openrc, wayland |
|
Back to top |
|
|
Buffoon Veteran
Joined: 17 Jun 2015 Posts: 1369 Location: EU or US
|
Posted: Thu Mar 25, 2021 6:12 pm Post subject: |
|
|
Quote: | That's really poor advice. It's perfectly fine, under a lot of conditions. |
++
I use X apps remotely in headless machines, using X11 native feature, without SSH. There is nobody logged on in remote boxes but me and it is all behind NAT. These actions may have slight security issues, but nightmare it is not!
Is there any news about Wayland network transparency? I think I read somewhere there is work in progress. _________________ Life is a tragedy for those who feel and a comedy for those who think. |
|
Back to top |
|
|
Hu Administrator
Joined: 06 Mar 2007 Posts: 22727
|
Posted: Thu Mar 25, 2021 6:39 pm Post subject: |
|
|
mike155 wrote: | Anyone on the remote machine with sufficient privileges can log all your key presses and can make screenshots of you DE at any time. | Generally, "sufficient privileges" is the privilege to connect to your forwarded X socket, meaning either root or the user you logged in as. For remote systems where the local user is the only authorized user of those remote accounts, there is no added risk. Equivalently, if everyone who can be root on the remote system has the ability to log in locally as root, then they could just connect to the local system and attack you there, so again, no added risk to X forwarding. |
|
Back to top |
|
|
Anon-E-moose Watchman
Joined: 23 May 2008 Posts: 6164 Location: Dallas area
|
Posted: Thu Mar 25, 2021 7:00 pm Post subject: |
|
|
Buffoon wrote: |
Is there any news about Wayland network transparency? I think I read somewhere there is work in progress. |
waypipe and wayvnc both in the gentoo repo.
waypipe wraps around ssh, and wayvnc is ... pretty explanatory.
Edit to add: still early for both packages but they should work as well as X for remote use. _________________ UM780, 6.1 zen kernel, gcc 13, profile 17.0 (custom bare multilib), openrc, wayland |
|
Back to top |
|
|
mike155 Advocate
Joined: 17 Sep 2010 Posts: 4438 Location: Frankfurt, Germany
|
Posted: Thu Mar 25, 2021 7:08 pm Post subject: |
|
|
Hu wrote: | mike155 wrote: | Anyone on the remote machine with sufficient privileges can log all your key presses and can make screenshots of you DE at any time. | Generally, "sufficient privileges" is the privilege to connect to your forwarded X socket, meaning either root or the user you logged in as. For remote systems where the local user is the only authorized user of those remote accounts, there is no added risk. Equivalently, if everyone who can be root on the remote system has the ability to log in locally as root, then they could just connect to the local system and attack you there, so again, no added risk to X forwarding. |
A student sits at home at his Linux machine and logs in to a machine at his university to do some homework. More than 100+ students have access to the university machine and at least 10 of them have "root" privileges. Now the student opens another window on his local machine and connects to his bank.
Would the student expect that the 10 users with "root" privileges at the university machine are able to log all his key presses (and thus get his passwords)? And that they can make screenshots of his session with his bank?
No, of course not.
But that's the way how X11 forwarding works. Form a security point of view, X11 forwarding is a nightmare. It's flawed. It has to die. The sooner, the better. It should have been replaced a long time ago. |
|
Back to top |
|
|
Buffoon Veteran
Joined: 17 Jun 2015 Posts: 1369 Location: EU or US
|
Posted: Thu Mar 25, 2021 7:19 pm Post subject: |
|
|
I just cut my finger, knives have to go, they are sharp and can be fatal. They are a nightmare. _________________ Life is a tragedy for those who feel and a comedy for those who think. |
|
Back to top |
|
|
Zucca Moderator
Joined: 14 Jun 2007 Posts: 3747 Location: Rasi, Finland
|
Posted: Thu Mar 25, 2021 7:24 pm Post subject: |
|
|
I sense topic derailing...
Maybe X11 forwarding chat needs its own topic? _________________ ..: Zucca :..
My gentoo installs: | init=/sbin/openrc-init
-systemd -logind -elogind seatd |
Quote: | I am NaN! I am a man! |
|
|
Back to top |
|
|
tld Veteran
Joined: 09 Dec 2003 Posts: 1845
|
Posted: Fri Mar 26, 2021 3:15 am Post subject: |
|
|
Anon-E-moose wrote: | That's really poor advice. It's perfectly fine, under a lot of conditions.
If anyone that you don't trust can be on any of your systems, then there is always a chance of a breach of security.
As far as security, if you want to be truly secure, unplug your computer, and store it in a closet ... magically safe. | I was gonna say...If someone's on the LAN in my home behind my NAT trying to do that, maybe X11 forwarding isn't my problem . I've never used it on anything outside of my LAN.
Zucca wrote: | I sense topic derailing...
Maybe X11 forwarding chat needs its own topic? | Yea...I started that...my bad. Thanks everyone for all the info though! More promising than I thought. I'm still a little confused as to things like fluxbox with Wayland, but no sense in continuing that here.
Tom |
|
Back to top |
|
|
|