02:28 <wlb> weston Issue #578 closed \o/ (Controlling display state https://gitlab.freedesktop.org/wayland/weston/-/issues/578)

09:54 <aloisw> Hello, I'd be interested about the current state of security on Wayland. Basically, is it acceptable to hand the wayland socket to a potentially hostile application today?

09:57 <kennylevinsen> you would need to define your threat model first

09:59 <jadahl> it also very much depends on whether what interfaces the compositor exposes on that socket

09:59 <aloisw> I have an untrusted application running inside a sandbox. Does exposing the Wayland socket allow sandbox escape?

09:59 <kennylevinsen> without a threat model, both "it is never acceptable to run potentially hostile code" and "machine doesn't matter so YOLO" are valid answers...

10:02 <kennylevinsen> It is not impossible that it leads to a sandbox escape either through bugs in the compositor, or as a more problematic vector, through bugs in other wayland clients that you ran outside of your sandbox triggered by e.g. copy/paste data transfers.

10:03 <kennylevinsen> restricting protocols available would limit the risk of the latter

10:03 <pq> aloisw, it does not allow escape, unless the compositor exposes interfaces that could be used to escape. The minimum set of Wayland interfaces that all desktop apps depend on should be safe from Wayland perspective AFAIK. But, the app can still easily DoS the compositor as I don't think most compositors protect against e.g. too many protocol objects exhausting memory.

10:46 <wlb> wayland/main: Olivier Fourdan * shm: Close file descriptors not needed https://gitlab.freedesktop.org/wayland/wayland/commit/6c424e9d4c92 src/wayland-shm.c

10:46 <wlb> wayland Merge request !203 merged \o/ (shm: Close file descriptors not needed https://gitlab.freedesktop.org/wayland/wayland/-/merge_requests/203)

10:47 <aloisw> Thank you folks for your answers, I think I will implement a different solution then.

10:48 <aloisw> I don't want to rely on the compositor not implementing "unsafe" protocols.

10:48 <kennylevinsen> It's definitely better than X11 by a long shot, but it depends on the paranoia level you need and what you trust

10:49 <aloisw> Yeah, I obviously don't expose the X11 socket, but run Xpra inside the sandbox.

12:03 <wlb> wayland Issue #285 closed \o/ (scanner: Add a --max-version argument https://gitlab.freedesktop.org/wayland/wayland/-/issues/285)

12:04 <emersion> "That's why you never check generated code into VCS."

12:04 <emersion> sadly there are a few offenders

12:04 <emersion> firefox, Qt…

12:05 <pq> they get to eat their pain

12:05 <emersion> indeed

12:06 <pq> they will also miss bug fixes that way

13:07 <wlb> wayland Merge request !225 opened by () Draft: protocol: add wl_surface.scale_factor https://gitlab.freedesktop.org/wayland/wayland/-/merge_requests/225

13:12 <wlb> wayland Merge request !226 opened by () Draft: protocol: allow subscale surface buffers https://gitlab.freedesktop.org/wayland/wayland/-/merge_requests/226

13:19 <emersion> kennylevinsen: new MRs for you to comment on :>

13:21 <grawity> hey I remember libinput had debouncing but is that something I have to manually enable? my laptop's clickpad button is fine when pressing it, but tends to generate a lot of events when releasing

13:57 <wlb> wayland-protocols Merge request !143 opened by () wp-surface-scale-v1: New protocol for fractional scaling https://gitlab.freedesktop.org/wayland/wayland-protocols/-/merge_requests/143

14:07 <wlb> wayland-protocols Merge request !144 opened by () viewport: Remove mention of wl_surface.attach x/y https://gitlab.freedesktop.org/wayland/wayland-protocols/-/merge_requests/144

14:10 <kennylevinsen> emersion: I see these MRs and I raise my own

14:10 <kennylevinsen> that's how this works right?

14:10 <emersion> ahah

14:35 <wlb> wayland Merge request !224 closed (Meson: Override wayland-scanner if it can be run)

14:41 <rickson> How more complex to make a WM for wayland is it compared to X?

14:45 <pq> rickson, apples and oranges. They're nothing alike.

14:45 <pq> both are extremely complicated in their own ways

14:46 <rickson> If I was to make a new WM from scratch, would it be better though to focus on wayland or keep using X11 for the time being?

14:46 <pq> That depends on why you want to make a new WM.

14:54 <wlb> wayland-protocols Issue #87 closed \o/ (Display notch support https://gitlab.freedesktop.org/wayland/wayland-protocols/-/issues/87)

16:39 <wlb> weston Merge request !818 opened by () libbacklight: Fix backlight never gets initialized https://gitlab.freedesktop.org/wayland/weston/-/merge_requests/818