Hacker News new | past | comments | ask | show | jobs | submit login

That proof-of-concept relied on a custom protocol extension which, as the author pointed out, was not meant to be merged in Wayland/Weston. In any case the extension required application to ask the compositor to be notified of the pointer position even when not "owning" it and the compositor can flatly refuse it to non-privileged clients according to any policy it wants, which is quite different from the current X11 situation.

This article has some useful information on how Wayland addresses the security concerns expressed in this thread: http://mupuf.org/blog/2014/02/19/wayland-compositors-why-and...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: