[the__alchemist]

The hoop I recently jumped through:

There's a type of input called "DeviceEvent" which is a bit lower level than "Window event". It also occurs even if the window isn't "active".

Windows and X11 support this, but Wayland doesn't except for mouse movement. I noticed my program stopped working on Linux after I updated it. Ended up switching to Window Events, but still kind of irritating.

[fc417fc802]

Isn't being able to read input while unfocused a huge security issue?

Meanwhile if you have root you're still free to do so directly.

[the__alchemist]

I don't think so, and it's something every Windows and X11 Linux application can do. Perhaps this perspective is a divide between people writing/using applications, and those using/writing web servers? But maybe the Wayland team disagrees, and this is one of the reasons for this restriction? I'm speculating.

[1718627440]

A Display server is not a security boundary. If you want that start your processes as different users.

[ChocolateGod]

> If you want that start your processes as different users.

How does this make any difference if they're going to connect to the same IPC that handles input/display?

The display server must absolutely enforce some kind of security boundary between clients. Clients that are running untrusted code (e.g. a web browser) must not be able to hijacked into controlling a potentially privileged client (e.g. a root terminal).