• lemmyvore@feddit.nl
    link
    fedilink
    English
    arrow-up
    12
    ·
    3 months ago

    It actually is because of Wayland design. In their quest for “security” they’ve made it impossible for automation and accesibility tools to do their job.

    It’s a glaring omission in Wayland going forward, for zero gain. Most of the touted Wayland security advantages are hogwash.

    • thedeadwalking4242@lemmy.world
      link
      fedilink
      arrow-up
      7
      ·
      3 months ago

      I mean if it’s goal was to prevent scripts from using the graphics env maliciously then it seems to have made some progress if you can’t even automate it with good intentions

      • lemmyvore@feddit.nl
        link
        fedilink
        English
        arrow-up
        3
        ·
        3 months ago

        We need to keep a balance between security and convenience, to avoid systems becoming too awkward to use. Wayland tipped this balance too far on the side of security. Malicious local exploitation of the graphics stack has never been a big issue; consider the fact that someone or something would need to compromise your own account locally, at which point they could do much worse things than moving your windows around. It’s not that the security threat doesn’t exist, it’s that Wayland has approached it at the wrong end and killed a lot of useful functionality in the process.

        Also consider that this issue has existed for the entire history of desktop graphics on *nix and nobody has ever deemed it worth to destroy automation for it. If it were such a grave security hole surely someone would have raised the alarm and fixed it during all this time.

        My opinion is that Wayland has been using this as a red herring, to bolster its value proposition.

        • winterayars@sh.itjust.works
          link
          fedilink
          arrow-up
          1
          ·
          3 months ago

          Technically i think the worst they could do would be to record your screen. (Barring some extra fancy exploits or something.)