[play_ac]

>I've never heard of anyone having an X11 security problem in the last 20 years.

Here's 6 CVEs just from last month. Check the mailing lists and you'll see many of these going back for years and years.

https://lists.x.org/archives/xorg/2023-October/061506.html

https://lists.x.org/archives/xorg/2023-October/061514.html

And before you say this is not what you meant, the X server and X client libraries do very little anymore besides parsing untrusted input and passing it somewhere else. That's its main purpose and it's completely bad at it. And because it's X, this input can also come from over the network too so every normal memory bug can also be an RCE. This is probably the single biggest attack vector on a desktop system aside from the toolkit. It's the exact wrong thing for anyone to grant access to every input on the system.

This is not just my personal opinion or me giving anecdotes either, this is paraphrasing what I've heard X developers say after many years of patching these bugs. But that's not even the whole problem as I'll explain shortly.

>But for actual computers you control it just isn't (a problem). Wayland for "security" is cargo culting smartphone user problems. It's not actually a real issue.

Yes it is a problem and no it's not cargo culting. Practically speaking the X11 security model means every X client gets access to everything including all your passwords (and the root password) as you type them, and subsequently lets every X client spawn arbitrary root processes and get access to your whole filesystem including your private keys and insert kernel modules or do whatever. If you actually think this "isn't a real issue" then you should just stop using passwords, stop protecting your private keys, run every program as root, and disable memory protection: because that's what this actually means in practice. No I'm not exaggerating. The security model of X11 has no idea about client boundaries at all. This is completely unacceptable on any other OS but for some reason it's become a meme to say that only smartphones need to care about this. Really? Come on.

>I use the keyboard/mouse sharing in X11 (via synergy) and I have for 20 years. It is vitally important to my workflow. It works on dozens of different OSes including linux. But not the waylands linuxes. Any graphical environment that can't do this is useless to me.

X11 can't do it securely so I would say that's as useless as not implementing the feature, if you have to compromise your security in order to get it.

The feature will be implemented in Wayland eventually when the design for a secure API is finished. There are people working on it now. In comparison, X11 is probably never going to gain a secure way to do that.

[superkuh]

Uh... don't expose your X.org server to the internet naked. I thought this was obvious. All the problems you mentioned go away. Who exposes X to the net anyway? That's not something a normal desktop install does.

It is cargo culting. It's not actually a problem that my applications are powerful and can do what I want them to do. It is a problem that other locked down OSes like Macs and smartphone systems are not in the user's control and programs cannot do many things by design. This is because on those systems the users are not in control of what is running and the OS makers believe they know better. If they can't do it it is useless (no qualification re: fantasy security issues needed).

... sharing keyboard/mouse with synergy/barrier/etc is secure.

[play_ac]

>Uh... don't expose your X.org server to the internet naked.

This is not something the X maintainers can say. They can encourage people not to do it but if they stop maintaining that feature then the complaints start to roll in because someone somewhere was using it. If you think this situation is awful then yes, you're starting to get it: X is in a bad spot where these broken insecure features are holding else everything back and will continue to do so as long as people depend on it. At best they can disable it by default and make it hard to accidentally re-enable it, which is what they've already done.

>That's not something a normal desktop install does.

Yes, most normal desktop installs don't use X11 in any capacity. They use Microsoft Windows.

>It's not actually a problem that my applications are powerful and can do what I want them to do.

I notice you didn't actually respond to my comment about stopping using passwords and private keys and running everything as root. Because I'd bet even you draw a line somewhere, in a place where you think it's a risk to give an application too much power.

>It is a problem that other locked down OSes like Macs and smartphone systems are not in the user's control and programs cannot do many things by design.

This has absolutely nothing to do with Linux or even on those systems either. It's not actually a problem there. If you have root on the system then you are in control and can do whatever you want anyway. The purpose of setting security boundaries and not running everything as root is because not everything needs to access everything else all the time. The security model you're suggesting became obsolete by the mid 1990s.

And let me say this again so it's perfectly clear. When you use X11 there is effectively no security boundary between any X11 clients. So if you start up your root terminal or you use sudo or anything else like that, then any other X11 client on the system also gets root. This is unacceptable and I can't believe I still have to continually point this out to long time Linux users that should be technical enough to understand. It doesn't even matter if you personally think it's fine to run everything as root: maybe you do. But as a user you should have enough understanding of the system to know that this absolutely is not ok for lots of other users and it's simply not appropriate to be shipped as the default in the year 2023.

These are not fantasy issues, these are actual issues that the underlying system was purposely designed to fix. X11 pokes a huge gaping hole in it.

>sharing keyboard/mouse with synergy/barrier/etc is secure.

No. On a typical X11 install it's not, because it relies on insecure APIs.