The Linux Security Circus: On GUI isolation

There certainly is one thing that most Linux users don't realize about their Linux systems... this is the lack of GUI-level isolation, and how it essentially nullifies all the desktop security.
So, let me stress this one more time: if you have two GUI applications, e.g. an OpenOffice Word Processor, and a stupid Tetris game, both of which granted access to your screen (your X server), then there is no isolation between those two apps. Even if they run as different user accounts! Even if they are somehow sandboxed by SELinux or whatever! None, zero, null, nil!
The X server architecture, designed long time ago by some happy hippies who just thought all the people apps are good and non-malicious, simply allows any GUI application to control any other one.
-
- Login or register to post comments
Printer-friendly version
- 1598 reads
PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
today's howtos | Graphics: VC4 and AMDVLK Driver
|
AMD Ryzen 7 2700X Linux Performance Boosted By Updated BIOS/AGESA
With last week's initial launch-day Linux benchmarks of the Ryzen 5 2600X / Ryzen 7 2700X some found the Linux performance to be lower than Windows. While the root cause is undetermined, a BIOS/AGESA update does appear to help the Linux performance significantly at least with the motherboard where I've been doing most of my tests with the Ryzen 7 2700X. Here are the latest benchmark numbers.
| GNU: The GNU C Library 2.28 and Guix on Android
|
Recent comments
5 hours 55 min ago
7 hours 32 min ago
7 hours 34 min ago
7 hours 48 min ago
7 hours 59 min ago
18 hours 14 min ago
1 day 2 hours ago
1 day 2 hours ago
1 day 9 hours ago
2 days 11 hours ago