Bug 99338 - Weston, please allow command line options to Xwayland. with firejail, this can prevent non x11 apps spying on x11 apps
Summary: Weston, please allow command line options to Xwayland. with firejail, this ca...
Status: RESOLVED MOVED
Alias: None
Product: Wayland
Classification: Unclassified
Component: XWayland (show other bugs)
Version: unspecified
Hardware: Other Linux (All)
: medium normal
Assignee: Wayland bug list
QA Contact: Xorg Project Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-01-10 03:19 UTC by pixelfairy
Modified: 2019-05-10 15:36 UTC (History)
0 users

See Also:
i915 platform:
i915 features:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description pixelfairy 2017-01-10 03:19:02 UTC
for example, Xwayland could have command instead of path

[xwayland]
command=/usr/bin/Xwayland -nolisten tcp -nolisten local

then sandboxes like firejail can make local x servers for apps that cant see eachother, or prevent an app from seeing x11 at all, without having to make a new network namespace.
Comment 1 Daniel Stone 2018-06-04 07:18:38 UTC
That's interesting - how do you ensure this with firejail? Does it ship a patched Xwayland to add a new path?

Also, we would need to separately add this to each of Weston, Mutter, KWin, Enlightenment, Sway, Rootston, etc.
Comment 2 GitLab Migration User 2019-05-10 15:36:14 UTC
-- GitLab Migration Automatic Message --

This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity.

You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/wayland/weston/issues/238.


Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.