Posted by birdculture 1 day ago
Disclaimer: I find their screenshot unfortunate (it promotes ideologies that are arguably harmful to healthy bodies and souls).
[1] https://www.theregister.com/2025/06/10/xlibre_new_xorg_fork/ [2] https://github.com/X11Libre/xserver?tab=readme-ov-file#youre...
[1] https://github.com/X11Libre/xserver/blob/fea8b78358a169238a2...
As for the lead dev's stance on mandatory vaccination, that should not play a role in assessing the need for and the technical merits of the project. Attempting to cancel a project based on such personal views of its maintainers is exactly my issue here.
I feel this is an important detail to keep in mind while choosing a fork.
https://github.com/X11Libre/xserver/blob/master/HISTORY.md
Doesn't mention "woke" but the style is reminiscent to me from grandiosity/paranoia issues
These are both phrases used by people who are anti-woke (I guess asleep would be the proper term).
X11's practical absence of any security mechanisms for user sessions means you should probably not run any kind of low-trust UI program anyway, as there is no prevention of keystroke injection or screen recording, but that's a design flaw that will never be solved. That doesn't mean that EoP style attacks like these should be ignored or underestimated, though.
Any program you run on a computer (especially a Linux computer, which lacks modern OS security measures and has constant privesc kernel holes) exposes you to security flaws. There has yet to be any computer system designed that a hacker can't break out of. If you intentionally download and execute a program, you are rolling the dice, regardless of what the software is.
What's insane about all these discussions is that NOBODY IS HACKING X SERVERS. There's a thousand other kinds of software on Linux that there is real malware for. But nobody is trying to hijack your X11 session. This imagined threat is a red herring designed to bolster the argument for Wayland's horrible designs.
I knew someone who worked for a small loan type company. Passwords were stored in plain text, but even worse, the login form didn't actually check the password at all, it created valid sessions as long as you provided a valid user name.
When he informed his boss that was very bad, his boss simply said that nobody has abused it, and nobody would, don't waste time changing it.
The point, of course, is why would you wait until people are getting hacked to address a known vulnerability?
Sure, there are others, and they should be closed too, and they are when they are found. It makes no sense whatsoever to leave one open just because.
Many distros, if not most distros, disable port 6000+ listening for X.org by default. So, immediately, it's not a remote exploit. OK, so it's scope is already limited to local escalation attacks. Looking at the CVE, the only reason it's high is because (a) X.org is everywhere, (b) you don't need to interact with [another] user to exploit it, and (c) it's not particularly complex to exploit.
That is bad, but it's also behind most of the other security, rather than bypassing essentially all of it like Heartbleed or Shellshock.
So, either I have to have X forwarding turned back on, or have people with SSH access to a server that is also running X. Both of those seem like uncommon situations. You probably shouldn't be running X or permitting X to be started unless you need X forwarding, and X forwarding is a pretty odd requirement given modern application design being so web-browser-focused.
So it might be CVE High 7+ if you're on a system where it's possible to exploit it. But it feels like you shouldn't often be on a system configured in a way where it could be exploited in spite of the prevalence of X.
Essentially: This isn't a rehash of the libXfont problem.
It's the equivalent of HTTP Digest authentication, and nobody's demanding that we rewrite HTTP because Digest authentication. It's in plaintext, so you shouldn't use it; but if a hacker doesn't know the secret, they can't get in.
This feels like you're not understanding why something is called a vulnerability, how they're defined, or why they get rated the way they do. "It's not vulnerable in a best practice configuration," is not the same thing as, "there is no vulnerability." That is incorrect and misleading, and I think you're conflating risk and severity.
The definition used for a vulnerability is [0]: "A weakness in the computational logic (e.g., code) found in software and hardware components that, when exploited, results in a negative impact to confidentiality, integrity, or availability." (emphasis mine)
The CVSS score is not a measure of risk. It is a measure based on the qualities of the defect that was identified and how widespread the software is. A higher CVSS score is associated with higher risk, but your risk is going to vary based on your configuration.
All they did was go to the calculator[1], plug in the answers that best fit the definitions provided for what those areas and responses mean (e.g., CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H for CVE-2025-62229), and they get that 7.3 score [2].
[0]: https://nvd.nist.gov/vuln
[1]: https://www.first.org/cvss/calculator/3-1
[2]: https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:L/AC:L...
I distinguish vulnerability from weak. The weakness is not necessarily intended, but the question is, does it do what it is supposed to do. Or is there a known bug: non intended possible exploit, that would make it a vulnerability.
If it isn't known then it doesn't exist. But we can assume all software do have bugs.
Digest is part of the http protocol, if the protocol is found to have vulnerability I can imagine it would be dropped and be rewritten. The digest part, not the entire http protocol.
A hacker may not have the password, but manages to brute forces it. Is that a digest vulnerability or does it fall onto the application to integrate some preventing brute force authentication measures?
My take is digest doesn't pretend to prevent brute force attacks.
Some may not agree with that logic, but since about everything is made of a combination of vectors, and that each typically has some weakness, all you get is a balance between usability, cost, and security.
We can make the case for your typical cryptographic signature, or encryption algorithm. ECDSA standing as well respected, solid cipher. Is it vulnerable? It is vulnerable to the potential power of machines we may build in times to come. Quantum or leaps ahead. Will it be vulnerable then? Yes but it isn't a vulnerability. We would then call ECDSA obsolete.
Digest is obsolete yes.
The interesting part about cryptographic methods is that we may know of some being obsolete ahead of time. So long as we can determine they can be brute forced. For now it isn't obsolete despite the existence of quantum resistant alternatives. Hacker news uses ECDSA for the exchange of keys between server and client, then encrypts all connections using another algorithm safe against quantum computers. Thanks. But beyond that, probably not.
Is X obsolete? Vulnerable? Seems like X developers themselves admit it is a vulnerability. They didn't know of the possible exploit. As to the severity? It's often subjective from my experience.
Happy to be wrong, and we don't have to agree.
X11 is a mountain of tech debt that almost nobody wants to maintain.
Do you have some other way of _reliably_ identifying vulnerabilities?
> It makes no sense whatsoever to leave one open just because.
It makes sense to have security options. If I want to leave it fully unlocked, that's my business, and I possibly have good environmental reasons to do this.
What you should really care about are security _defaults_. And in X11's case I'm not aware of any distribution that ships the server with TCP connections to the sever enabled. You have to go well out of your way to even begin using this functionality.
This is irrelevant given that we are talking about known vulnerabilities.
No, you can't reliably find all the vulnerabilities by auditing the code.
Yes, if you audit the code and believe you have found a vulnerability, you fairly reliably are correct in your belief. And should probably take action even if you aren't.
In a context which does not involve them. I simply ignored the subtle goalpost shift and addressed the core issue of the article.
> And should probably take action even if you aren't.
Where they action could include "disabling as a default option." Yes?
I have seen this happen as well. A memory corruption vulnerability in popular software allows unpriv shellcode to reach out and drop a rootkit which loads a rat as a kernel module. Attacker has control. Several big problems.
cobaltstrike beacons blocked. Instead pierce nat with STUN to attacker proxy. Use socket activated VNC/RDP/X.
Why not just steal the sessions and local data? Remote services log access (ip, time, location), easily correlate and forensics would lead back. Local data encrypted at rest, hands on keyboard needed any way since recon incomplete. Are they planning to scan memory for ssh key unlocks or intercept ssh -sk key? This is big, noisy and take developer time. If you log in to a email this leave forensics and is a CFAA violation while risking FAANG security. Attacker needs to shoulder surf.
Most hack is install crypto mining or steal a password. Maybe it is ransom. How do you get 2fa code if you want access to sensitive information? How do you steal hardware keys? You can back door browser, MitB but it gets updated away and you lose access. back door anything and lose access or discovered.
This is not a advanced attacks but it is targeted attacks. People are saying x server never get hacked, but computers get hacked. with X11 the chain is Exploit -> Game over. with wayland you need to go farther.
~/.profile
~/.env
~/.xprofile
Exploiting TMPDIR, /tmp race conditions, ~/.mailcap and mutt (I used that to get access to 'premium' binaries under restricted accounts).
If you have Emacs you can do tons of stuff from a single account.
And so on.
I agree in a little way to what you say, but if you can write .xprofile you can with no work escalate from the x socket.
No idea of course if the threat model that said boss had in mind made sense. But I always recommend to come up with a reasonable threat model first and then think you can harden against it.
Wayland doesn't need X11's vulnerability as its only argument, Wayland is a much simpler design that is easier to iterate on because it doesn't assume the client and server are on different machines. The fact that it moves privileged APIs like screen capture behind portals is a bonus.
It depends what features you care about. X11 doesn't have tear-free video playback, HDR, or as good a security model as Wayland.
HDR would fit in the X11 model of many bit depths, however the specifics don't really; afaik, X11 has a maximum bitdepth of 32 for pixel values, which means either limiting to 2-bits of alpha channel or using palettes (I think I saw that indexed colors can be defined with 16-bits per channel). An extension might be possible (with everything that brings), but I think the ship has sailed.
I agree that Wayland's security model prevents some undesirable interactions that X11 allows, but it also prevents or makes difficult some desirable interactions, so it's a mixed bag.
That is so true, I wanted to have a typing sound from my pc everytime I typed on wayland and I looked at LITERALLY every single solution and none of them worked... simply because of the security model of wayland (so things like Mechvibes and alternatives don't work generally speaking)
On one hand, its a good thing to prevent things like password injection etc. but on the other, really?
I got frustrated and I created a lot of github issues on every such project if they said that they are working on wayland and I didn't care if it meant running it as sudo, I just asked them kindly if there was a way or not/ what's the issue here
There are still times where I get a lot of notifications simply because someone commented on those issues
So naturally a lot of people are/were frustrated about it. Not sure if its a good thing or not, but I 100% agree about this comment of yours
Another big issue imo to me feels like ssh, X servers ssh forwarding/vnc just works, Yet I haven't really found ways to do things like VNC on wayland on a server or something as easy (or even possible?) on wayland as compared to x servers, Please let me know if there are apps which do this though, I know about weston but I haven't found ways to work with it/make it work (maybe my skill issue)
Are there any solutions to these things though? Fundamentally that mechvibes things requires an app to view the key from every other application and make a sound, Nothing stops it from being a key-logger as well if it had that capability and Wayland was created with a better security model but as you say and I experienced, that security model comes up with its own compromises and I am not sure if that's a good thing or bad thing....
Waypipe[0] for native Wayland applications, and if you need to forward X11 apps there's xwayland-satellite[1].
You can hook xwayland-satellite with Waypipe and forward X11 apps through Waypipe. This way you get even better performance than with traditional X11 forwarding methods.
The other day I was playing Steam/Proton games through the network this way.
Of course, X11 forwarding also works fine on Wayland with ssh -X, but as I said, consider Waypipe + xwayland-satellite.
waypipe just works too. That replaces any reason to do SSH forwarding.
Also some desktop like Gnome (maybe KDE has similar feature?) offer remote desktop. In Gnome's case it is using RDP protocol instead of VNC.
Waypipe is supposed to help replace things like remote X. I'd be surprised if there's no vnc server that offers a wayland desktop... that would be a big missed opportunity.
For your noisemaker, I think you might have a better time integrating at another level. Either intercept the inputs before the display server gets them, or integrate into the display server itself. X was more flexible, but as long as it's just typing -> noise, you don't need it to have the same architecture as it did in X.
[1] Wayland has no compelling features for me, and X remains viable for me as well. At some point, hardware support might be compelling, or IMHO, something will come to replace Wayland and X that is compelling.
Yes, this should be workable, assuming your compositor is compatible (a meaningful caveat, but not insurmountable):
* To forward one application like `ssh -X`, you want waypipe
* For VNC, it really depends on your compositor, but wayvnc works for many of them. (And GNOME does their own thing and I think KDE has their own official option)
On a separate note, I think it's probably true that Wayland has significant drawbacks that preclude it from being an obvious replacement.
Everybody is pushing it and trying to convince the people who have problems with it that it's completely fine and their problems aren't important (like blind people being completely unable to use the computer).
At some point the pipewire of display will come along and we'll all forget wayland was ever a proposed solution.
You know what's bloated? Replacing all those functions with custom bash scripts or worse system services.
Er. I have Linux boxes that have 128MB of total RAM doing useful work in my house (not using systemd). This is not the win you think it is.
That’s absurdly high for a headless system that’s doing nothing. There are countless millions of embedded devices doing useful work today with 1/10 the RAM. They run modern Linux just fine without the ridiculous bloatware.
Also, what's bloated about systemd? It's a C binary, while I suppose you are into a ridiculous line-by-line textual interpreter?
There are things like https://github.com/Sweets/hummingbird which, I, not even a C person can understand and appreciate its simplicity.
I am not saying that we always need such simplicity, but that I am merely giving an opinion that there are people who actually want to understand what they are running as their root and this sense of "control" really is so hard to get from things like system-d
System-d is also thus a little "bloated" compared to other inits which really show in systems like containers etc. where most developers if possible try to have alpine containers (I have seen this especially so much in golang/rust communities partially because golang is mostly static available and rust can be done the same too or compiled with musl pretty easily)
As such, personally, I can understand both systemd and other init systems, I feel like there are some guides which prefer using hummingbird etc. (https://github.com/comfies/tldrlfs) and I feel like for actually understanding "linux" from linux from scratch, other inits can be good.
Another minor nitpick I have of systemd is that its glibc based, Glibc has some of the weirdest complexities I have ever seen and a lot of package management in my opinion has been built around it and personally it feels like the decisions were made in a different era where different types of resources were constrained and updates weren't as widespread but now it has been a mess which is why we need so many linux distros in the first place with their opinions and package management
I genuinely prefer musl for this, So I prefer things like alpine/void in the process as well yet to me, freedom matters a lot. There should be a freedom of choice in such matters and systemd severely restricts it for many.
I feel like systemd is way too ambitious and which is why it requires glibc to be more feature complete in the first place, not sure if its a good or bad thing but I am merely stating what I feel like.
As I said, I have nothing against systemd myself but I am just giving the nuance I felt like, as I was trying to build my own linux distro trying to make it hyper compact and I came into this rabbit-hole, My philosophy almost was out of curiosity regarding what are the smallest systems which are still functionable (Hint: its tiny core linux which is an absolute pleasure although it isn't "secure" partially because they run everything as root If I remember correctly but )
>We are running systemd with all bells and whistles on Raspberry Pi based 1 GB RAM systems. systemd-networkd, iwd, timers etc. The base usage barely touches 350 MiBs
Okay but what are your thoughts on alpine, Alpine's motto or the first thing you see in bold letters on their website (https://alpinelinux.org/) is
Small. Simple. Secure.
Alpine Linux is a security-oriented, lightweight Linux distribution based on musl libc and busybox.
Combined with either gcompat to run glibc or personally I genuinely prefer golang/rust applications (mostly golang) like running gitea on alpine etc. and I found it to be an absolute pleasure server side to work with mostly, except sometimes software download especially python when I was running alpine on android using userLand was a somewhat-issue but maybe I had skill issue or something but I genuinely learnt a lot trying to install python on it.
Bun/Deno just works out of the box, in fact deno is even available in the apk format of alpine out of the box
I truly love alpine/appreciate its message. I feel like systems should be small partially because that means that such software could run even on much older systems just out of the box
Alpine features raspberry pi images and there is dietpi which has some decent low iso file sizes, Check them out as well if possible
Personally I love alpine but I also love the idea of using debian or some immutable distro which uses systemd and then running alpine in container, it seems to be the best of both worlds really.
The first 24h of me using it, I found 3 different bugs in journald where it was losing data.
I'm currently using systemd, but it was far from being ready when all the fanboys with very basic use cases were insulting anyone who complained about it.
There's no real reason it can't do any of that, it just doesn't and there are no real plans to add these features.
I'm not convinced by the "if you run a program you should assume you've already been hit by a CIA 0day". Obviously nobody is dialing into your X11 server from the internet, but this is a relatively easy nobody:nobody -> root/wm-session/whatever elevation of privilege.
Any program you incidentally run within a typical graphical user session will have access to the X socket and a cookie, they will be able to connect. And after they connect... They basically just can do anything they want with zero real restrictions, including most likely some fairly trivial paths to root escalation. Even if they're running inside of a sandbox or container, with only an X11 socket poking through.
This problem was realized a very long time ago with the security extension but most of it never really caught on.
> Any program you run on a computer (especially a Linux computer, which lacks modern OS security measures and has constant privesc kernel holes) exposes you to security flaws. There has yet to be any computer system designed that a hacker can't break out of. If you intentionally download and execute a program, you are rolling the dice, regardless of what the software is.
If you believe this is true, then what exactly is the point of any security measure? Why bother using isolation and sandboxing, or passwords? Why does Windows bother patching flaws if they know there are certainly more of them and they will never fix them?
Do you by chance also smoke because you're going to die anyways?
> What's insane about all these discussions is that NOBODY IS HACKING X SERVERS. There's a thousand other kinds of software on Linux that there is real malware for. But nobody is trying to hijack your X11 session. This imagined threat is a red herring designed to bolster the argument for Wayland's horrible designs.
Lol. That's primarily because the Linux desktop is utterly irrelevant, not because nobody would care to do it. Is it really surprising that attacks against desktop computers would focus almost entirely on the OS that has 90+% of the market share? We don't get free software OS desktop malware for the same reason we don't get free software OS software ports.
Watching and waiting with security was a totally acceptable position in the 90s, but we get the general gist these days. We need security-by-design.
On the server side of Linux where Linux is relevant, the situation is much more impressive; auditing using eBPF, sandboxing with gVisor, microVMs with Firecracker and cloud-hypervisor, isolation using namespaces and seccomp-bpf and more.
On the desktop side, people are still arguing over whether or not it's a problem that any X client can by default silently keylog the entire system trivially. Okay, but a lot of us actually see that as a problem, and we're not interested much in "hearing you out". Most of us recognize that the Wayland protocol has warts (and too many damn protocols), but X11 has many more warts. I didn't care what was the successor to X11 specifically, I just cared that we eventually made some progress. Most people have nothing to offer here and just suggest we should've stuck with X11. Okay dude, but nobody wants to. The X.org devs would like to move on. The desktop environments really would like to move on. There was basically one serious guy that actually wanted to work on improving X11 and he turned out to be kind of crazy and couldn't stop breaking shit anyways.
There are problems with both X11 and Wayland, although I dislike some of the features of Wayland.
That said though, that does require you to proactively run every X application with this sandboxing. For Qubes which forces everything into VMs this is doable, but for most other systems there isn't an obvious way to handle this sort of thing.
My only major complaint about Wayland that can't just be fixed relatively easily is Mutter refusing to support SSD. (Well, the actual technical problem could be fixed relatively easily, but the social one not so much.)
https://doc.qubes-os.org/en/latest/developer/system/gui.html
This makes sense though, given the way clipboard works in Qubes. I think I must've entirely mistaken how Qubes works for an entirely different scheme.
Why would this be likely?
Needless to say, though, if the user doesn't have anything open with root privileges or cached sudo, then you probably won't be escalating to root with only X11. You'd have to wait for something to crop up. I'd reckon though if you are resident for long enough during a desktop session you'll find an opportunity. (And on most desktop systems that still, of course, leaves the usual points of interest outside X11. But if you wanted a way to escape, say, Flatpak containment, this is definitely a good start.)
¹. I used to use this and also fixed some bugs in some programs. The main problem when I last checked a decade ag was that some important extensions such as composite would need to be exposed to untrusted clients.
The Wayland keylogger acts like an application; all Wayland compositors will only send key events to the focused surface, so the user has to focus an active surface in order to get key events. Even in the scenario where you've LD_PRELOAD-hooked all applications, you still will never get the lock screen password, as the compositor never sends it out across the wire.
LD_PRELOAD is problematic from a security perspective, but it's not Wayland-specific: the same issue is true for CLI applications and X11 applications, and any attacker with the ability to write files could also just replace your binaries with malicious ones (stuff them somewhere into ~/.hidden, and then add a $PATH entry to the start).
I wonder how this debate was mainstream? did some gamers try to squeeze 3 extra percent by taking the protocol out of local stacks? there must have been better ways to do that, without throwing out all X11 benefits?
to this day I'm annoyed I can't have a decent window manager integration on gWSL because the compositor doesn't implement the full window manager protocol.
Control upstream, then companies wanting solutions will go to you first. Because why go to someone else in the FOSS market, when there is no certainty the code or standard (extension, protocol, etc) will get accepted, forcing you to maintain a fork? With IBM-RH and Ubuntu doings eg., it's hard to say FOSS is immune to vendor lock-in.
Wayland is open source with a fixed core protocol that's extremely stable, which anyone can build on. New protocols are constantly proposed. The core is minimal and defines how applications interact with the compositor to render and produce the final output. Control by a single entity is virtually impossible. Wayland ensures everyone has a voice because it's an open protocol which means discussion and development are done in the public.
specifically the wslg stack does not enable Linux gui apps to smoothly integrate with the Windows window manager, because some bits are missing in the Windows Wayland stack, clipboard, window decorations, thumbnails, maximize into a part of the monitor? nope. and no patches taken. supposed you figure where to offer them and how.
This is incorrect. Kristian Høgsberg has explicitly stated that a primary motivation for Wayland is the reduced need for a central X server, as many programs already bypass it.
Wayland is an evolution of the previous design. X11's architecture had clients sending drawing commands to the X server, a method that became limited and required extensions over time. Wayland's approach is: applications perform their own rendering into their own separate buffers, then tell the compositor when they are ready. The compositor takes those buffers to produce the final image.
Because those buffers are separate, enhanced security is a direct side effect. Wayland is the result of decades of experience and represents the current way of doing things.
Xnamespaces looks to be more promising, but as far as I can tell that's still a WIP with little documentation, and from the documentation I can find it looks like it still breaks things like clipboard functionality.
Permission system? X11 with a permission system is the next logical step for Unix graphics. There is absolutely no need to break 40 years of graphic software, or throw away 40 years of accumulated features.
Who exactly should and can control the horde of OSS developers?
In 2000.
Solaris 10 had it built into the base OS and integrated into both the CDE and GNOME desktops they shipped. With OpenSolaris it was released as open source under the non-GNU CDDL license.
In November 2006.
Wayland was started in 2008.
root 34595 2.7 0.4 26146280 532248 tty4 Sl+ Nov13 783:33 /usr/lib/xorg/Xorg vt4 -displayfd 3 -auth /run/user/1000/gdm/Xauthority -nolisten tcp -background none -noreset -keeptty -novtswitch -verbose 3Note you have multiple virtual consoles which can have independent X servers.
Good point about display manager though, I suppose it's not using Xorg then as I do know there is a login screen waiting at vt1 but that's the only Xorg process. Maybe the gdm3 incorporates a Wayland implementation in Debian 13.
And going to rabbit hole there are even proof of concept security implementation named Xnamespace for Xorg fork (needs polishing and much more patches but looks doable. see wip documentation: https://raw.githubusercontent.com/X11Libre/xserver/d2b60a3d6... )
Which, well, we do. Practically all the X usecases are covered on Wayland systems now. Screen sharing, screen clipping, global hotkeys, file pickers, getting the window title like you said... I can do all of that on KDE, right now, under Wayland.
The proper thing Wayland should've done is waited until Wayland had reached feature parity with X, then released it to the world and started acting like it's the future.
> The proper thing Wayland should've done is waited until Wayland had reached feature parity with X
How on Earth would you expect a fundamental protocol to be developed behind closed doors?! Wtf even.
Yeah but again this fragments the ecosystem massively. If people really wanted flexibility they could've just made it a configure option or something equivalent?
> How on Earth would you expect a fundamental protocol to be developed behind closed doors?! Wtf even.
Your making a pretty big assumption here, aren't you? I never said it had to be developed behind closed doors. It's the "lets just obsolete X11 even though Wayland can't even replicate a quarter of it's functionality right now now now because of security security security" that irritates me. If they had worked on Wayland and obsoleted it once they had reached feature parity, that would be releasing it to the world. Then they would've had far less friction and the transition would've been a lot smoother. Would it have delayed Wayland by maybe a decade? Sure, but I see little issue with that. IMO that probably would've made Wayland even better.
1. Claiming XFree86 evil
2. Forking it as X.org
3. Shortly after all distros finished switching to X.org, declaring it obsolete and announcing wayland
4. stopping any major development on X.org immediately even though it's was the one and only option at the time
5. and channeling all development resources (not only on the display server, but also downstream users like toolkits, DEs etc.) to rewrite their code for a protocol that wasn't even gonna be usable until a 10+ years later
6. Depraving Linux desktop users from 10-15 years of improvements and making Linux graphis stack stuck in 2000s
wasn't hijacking the Linux graphic stack?
I mean had Steve Balmer wanted to sabotage Linux in desktop he couldn't do better
The main mistake FD.o made is that they didn't get consensus on a "Desktop Profile" extension, so all the DEs wound up implementing their own thing. This is still fixable, just very annoying until we have agreement on this shit. I think that's what you meant by "feature parity with X".
[0] Currently, every desktop VR setup has to have two layers of compositors. VR applications have to communicate with a special VR compositor that then draws normal desktop windows with the contents of what should be hitting each eye of the VR display, all so it can pretend to be two normal displays.
An antidote on non desktop use of X: the other day I wanted to show a program on my phone, there are many good ways to do this, but I picked none of them. Instead I had just installed a terminal on the phone and noticed they had an X11 package, So A few minutes later I was the proud owner of an X server on a phone. And you know what... It was pretty great. My gaming system load and temps dashboard were displaying just fine.
Despite using X for many, many years, I had never just sat down and played with a bare X server, I had only dealt with it through the lens of a locked down, encumbered desktop system. It was like having a network attached monitor. From whatever system I was using as a desktop system I could just go "display this on that monitor", in this case a phone. Based on that experience I put a raspberry pi on my TV running a bare unprotected X server because having a network attached monitor rocks.
It's not inherent. If I change to another X DE, I can keep all my other programs and the features they implement.
Are you sure? I looked at that earlier this year for a personal tool I wanted to create and found no way to do it on Wayland (On X, I did it just fine).
I had a long back and forth about this very thing with both Claude and ChatGPT, and neither conversation was fruitful: every option had some dependency (like switching to KDE, or similar).
Hey come on man, a locking screen saver is a totally niche application. No demand for that.
https://www.jwz.org/blog/2025/07/xscreensaver-wayland-and-lo...
Maybe, just maybe, some people know what they want, and if they want applications that can put themselves in specific corners, why shouldn't the desktop let the applications do that, if the user is OK with it?
The deal here is that the only way to fix X11's security issues is by breaking all those types of workflows and forcing application rewrites to implement them in authenticated ways.
So if you are going have to go and break all that stuff, why not fix a crapload of other problems while you are at it?
Calling Wayland "X13" may have avoided a lot of misunderstandings, but it probably would of caused others.
Maybe it's both? There are applications with good reason that need to chose their location themselves, and users who want that type of behavior, so it's definitively not just a security issue.
X.org developers, not X11 developers.
This has nothing to do with X11 or even UI at all. You should not run any low-trust program whatsoever (outside of a container). Any program that runs as your user can change your ~/.bashrc or any other file on your homedir.
Of course this is a feature that you want, for example when you edit these files with a text editor.
Alan Coopersmith in particular. He even fixed a bug I reported. :)
(I forgot in which app it was but the bug report should be somewhere still; it is not old, perhaps 2 years ago or 3 years ago. The xorg app in question behaved oddly when doing "--version". I only noticed this because I wrote a ruby script that displays which version of programs are installed, and that one kept on making problems, whereas the others worked fine. After I reported it, Alan fixed this very quickly. I think it was some missing flag in the C program or something like that; right now I can not remember the name of the program ... my brain tries to say xrandr but I think it was not xrandr but a less frequently used program somewhere in the FTP listing ...)
Back in 1996 the level of X integration in Tk was awesome; I had a shell tool that could make Netscape do stuff by firing MIT magic cookies at it.
In a contemporary setting, it's pretty horrifying.
The send command in Tk is lel, but can easily be effectively closed by rebinding it to a no-op.
And they’d rather spend their energy on giving you a compelling reason to switch, rather than using it to add to the reasons for staying on a project they now consider obsolete.
You may disagree with their assessment, but you can’t blame them for how they decide to prioritize.
They certainly say that to people a lot. Oftentimes the person saying it is young enough that I wonder how much time they spent working on X.
So I doubt age is the deciding factor ;)
How is this possibly the most charitable reading of parents comment, and honestly, do you think that's what they meant? You can't read that in some other way, where maybe parent wasn't actually asking about time traveling but something else?
"Preventing" the vulnerability would indeed require going back to 1994. Since it is a vulnerability that has existed in every display server released since then.
I also said "would it have" -- I don't really care about timeline. Obviously Fil-C is a recent development, that doesn't make the question I asked any less interesting.
> Please respond to the strongest plausible interpretation of what someone says, not a weaker one that's easier to criticize. Assume good faith.
Perhaps next time, resist the urge :)
It does. I have lots of documentation to show exactly how and why.
> It is a hobby project by a dilettante.
Wow
You could say the same about thousands of open source projects on which trillion dollar companies depend on. Maybe these kind souls deserve more respect, buddy.
If it was the other way around, would an open source or whatever project have been able to take Twitter.org?
Fil-C exhibits the lowest overhead in code that spends its time on primitive bits.
Fil-C exhibits the highest overhead in code that chases pointers.
I'm assuming X is the former. Weston seems to be.