Conversation

Notices

  1. silverwizard (silverwizard@convenient.email)'s status on Tuesday, 10-Oct-2023 05:29:30 JST
    As far as I can tell, Wayland's security model seems to be "users doing stuff means they could do bad stuff!"
    In conversation Tuesday, 10-Oct-2023 05:29:30 JST from convenient.email permalink
    • Daniel Wurzbacher likes this.
    • GNU Too (gnu2@gnusocial.jp)'s status on Tuesday, 10-Oct-2023 06:02:55 JST
      in reply to
      My experience working in the corporate world is that that is what the lawyers tell us we have to do.
      In conversation Tuesday, 10-Oct-2023 06:02:55 JST permalink
      silverwizard likes this.
    • silverwizard (silverwizard@convenient.email)'s status on Tuesday, 10-Oct-2023 06:24:22 JST
      in reply to
      • hypolite
      @hypolite perfect
      In conversation Tuesday, 10-Oct-2023 06:24:22 JST permalink
      hypolite likes this.
    • hypolite (hypolite@friendica.mrpetovan.com)'s status on Tuesday, 10-Oct-2023 06:24:24 JST
      in reply to
      @silverwizard To this day I still can't read "Wayland" without the Weyland Consortium corporation from the Android Netrunner card game coming to mind.
      In conversation Tuesday, 10-Oct-2023 06:24:24 JST permalink
      silverwizard likes this.
    • argv minus one (argv_minus_one@mstdn.party)'s status on Tuesday, 10-Oct-2023 06:27:11 JST
      in reply to

      @silverwizard

      It's *supposed* to be “apps might do bad stuff, and users might run them without knowing they'll do bad stuff, so let's stop apps from doing bad stuff.”

      Maybe it doesn't live up to that ideal, but that's the ideal.

      In conversation Tuesday, 10-Oct-2023 06:27:11 JST permalink
    • silverwizard (silverwizard@convenient.email)'s status on Tuesday, 10-Oct-2023 06:27:11 JST
      in reply to
      • argv minus one
      @argv_minus_one so the issue with "apps might do weird things" but that restricts privileged users. We shouldn't protect people from having fun
      In conversation Tuesday, 10-Oct-2023 06:27:11 JST permalink
      GNU Too repeated this.
    • hypolite (hypolite@friendica.mrpetovan.com)'s status on Tuesday, 10-Oct-2023 06:36:32 JST
      • goatsarah
      @goatsarah @silverwizard I'm less familiar with it, so it only came second to my mind!
      In conversation Tuesday, 10-Oct-2023 06:36:32 JST permalink
      silverwizard likes this.
    • silverwizard (silverwizard@convenient.email)'s status on Tuesday, 10-Oct-2023 06:41:02 JST
      in reply to
      • argv minus one

      @argv_minus_one so I mean, the permission system existing means the app could edit it

      Apps can do anything, that's their point

      In conversation Tuesday, 10-Oct-2023 06:41:02 JST permalink
    • argv minus one (argv_minus_one@mstdn.party)'s status on Tuesday, 10-Oct-2023 06:41:03 JST
      in reply to

      @silverwizard

      Right, so there really ought to be some sort of permission system with which to do fun privileged stuff in Wayland.

      That's merely a missing feature, though, not a fundamentally bad design.

      In conversation Tuesday, 10-Oct-2023 06:41:03 JST permalink
    • silverwizard (silverwizard@convenient.email)'s status on Tuesday, 10-Oct-2023 07:29:27 JST
      in reply to
      • argv minus one
      @argv_minus_one how do you stop the OS from being a playpen or make screenreaders work?
      In conversation Tuesday, 10-Oct-2023 07:29:27 JST permalink
    • argv minus one (argv_minus_one@mstdn.party)'s status on Tuesday, 10-Oct-2023 07:29:28 JST
      in reply to

      @silverwizard

      The idea is that, in the future, apps can do anything *if* they have permission to do that thing. You'll trust the app that edits permissions to edit permissions, but you won't give that permission to video games and whatnot. This greatly limits the risk.

      Android has already implemented this system, so it definitely can be done. It won't protect irresponsible users from the consequences of their decisions, of course, but the only winning move in that game is not to play.

      In conversation Tuesday, 10-Oct-2023 07:29:28 JST permalink
    • argv minus one (argv_minus_one@mstdn.party)'s status on Tuesday, 10-Oct-2023 07:49:07 JST
      in reply to

      @silverwizard

      That gives me an idea: what if the permission system defines roles for apps, and grants exactly the permissions needed for an app to fill its role? If there is a “screen reader” role, then it's obviously suspicious if an app claiming to be a screen reader needs any other permissions.

      In conversation Tuesday, 10-Oct-2023 07:49:07 JST permalink
    • silverwizard (silverwizard@convenient.email)'s status on Tuesday, 10-Oct-2023 07:49:07 JST
      in reply to
      • argv minus one
      @argv_minus_one so you envision a blind user navigating a sprawling permission structure before setting up accessibility?
      In conversation Tuesday, 10-Oct-2023 07:49:07 JST permalink
    • argv minus one (argv_minus_one@mstdn.party)'s status on Tuesday, 10-Oct-2023 07:49:08 JST
      in reply to

      @silverwizard

      I'm not sure what you mean by “stop the OS from being a playpen”.

      Screen readers would need permission to read accessibility trees from other apps, and permission to play audio. They should be denied permission to use the network or write to the file system, so that they cannot exfiltrate this potentially-sensitive information.

      In conversation Tuesday, 10-Oct-2023 07:49:08 JST permalink
    • 𒀭𒂗𒆠 ENKI ][e (enkiv2@eldritch.cafe)'s status on Tuesday, 10-Oct-2023 09:23:05 JST
      in reply to

      @silverwizard

      this is an excellent description of my least favorite kind of security thinking, thank you

      In conversation Tuesday, 10-Oct-2023 09:23:05 JST permalink
      silverwizard likes this.

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.