2

I'm new to Linux and want to understand if X11 is really as dangerous as they say on the Internet?

I will explain how I understand this. Any application launched from under the current user has access to the keyboard, mouse, display (screenshot), and this is not good. BUT, if we install programs from the official repository (for example, for Debian), which are unlikely to contain keyloggers, etc., then the danger problem is clearly exaggerated. I am wrong?

Yes, you can open applications on separate servers (for example, Xephyr), but this is inconvenient, since there is no shared clipboard. Creating a clipboard based on tmp files is also inconvenient.

Dstart
  • 131
  • 1

1 Answers1

3

I will explain how I understand this. Any application launched from under the current user has access to the keyboard, mouse, display (screenshot), and this is not good.

This is more or less true of all current operating systems. Any executable has access to everything the user it runs as has access to.

It is changing, with more sandboxing appearing. Snaps in (mainly) Ubuntu is one way of sandboxing applications. The snaps can only access defined interfaces by default. Another is the granular permissions on iOS and Android; you can deny an app access to your contact list, but still run the app.

Things are changing, but as of now, the default is that any application has access to everything. As far as I'm aware, this is the same on Windows; the clipboard API is requires no special privileges.

For now, the general rule for general purpose operating systems is simple - don't run applications you don't trust. It doesn't matter which OS you have - once you run un-trusted software, it's not your computer anymore.

vidarlo
  • 12,850
  • 2
  • 35
  • 47