Is Xorg actually bad for security?

Recently, in I think a subservience report, Henry stated that “If you care at all about security use Wayland” and was wondering what does Wayland do for security that Xorg doesn’t offer? I’ve never gone into Wayland at all since from what I’ve been told it’s not ready for day-to-day use.

1 Like

Yes. It’s a pretty significant difference. The main issue is that there is no isolation whatsoever between programs in X11, so any program on your computer can sit in the background and read data and keystrokes from any open window.

X has plenty of other non-security problems anyways. The general recommendation nowadays is to always use Wayland unless you use a program that absolutely doesn’t work with it yet.

1 Like

Jonah’s explanation is one of the main arguments against using the average Linux distro. Wayland solves this, but I don’t know the technical details of why.

As to the question of usability, I’m running Fedora 36 with Wayland and have no issues. That being said I have heard others complain about problems. Adopting Wayland is in keeping with Fedora’s value of trying to be first to use new technologies, so there is more work to be done.

Depending on your distro, consider using Wayland yourself and see if it works for you as of today. Hopefully in the next 6-12 months more mainstream distros will start to have it on by default as seemed to be the case with Ubuntu 22.04 (I think Wayland was default in the beta but not in the stable release).

I believe it is fully functional, unless you have an Nvidia GPU - still not working with those. Otherwise, you should be fine though :+1:

Looks like you don’t use OBS with window capture!

Wayland is about 95% usable currently, there are just a few problems, but even those are already getting “fixed”.

You most likely will be able to use Wayland without any usability difference, unless you want to use some weird WM that does not support Wayland (or has no “Wayland fork” like sway as a replacement for i3).