Y
Hacker News
new
|
ask
|
show
|
jobs
by
amouat
3967 days ago
There's no reason a Docker container has to run as root. The daemon does, but that's another issue.
1 comments
audidude
3967 days ago
If you are connecting to X, it doesn't matter. You can attack all other X11 clients by design. This is why GNOME is pushing so heavily on xdg-app (for the sandbox) and the wayland-enabled GNOME shell (so apps can't snoop on each other).
link
timthelion
3963 days ago
Subuser uses XPRA, so it shouldn't suffer from this problem:
http://subuser.org/news/0.3.html#the-xpra-x11-bridge
link
anthk
3967 days ago
Wayland doesn't have the Xinput disaster.
link