blog

https://blog.ce9e.org
git clone https://git.ce9e.org/blog.git
commit
825a058159752be2746a81fb10e1d4c399106313
parent
c56a80d981346d36615a3ffc4f170b171ff3b7ab
Author
Tobias Bengfort <tobias.bengfort@posteo.de>
Date
2026-03-04 05:47
wayland security: add link to another relevant discussion

Diffstat

M _content/posts/2025-10-03-wayland-security/index.md 5 +++--

1 files changed, 3 insertions, 2 deletions

diff --git a/_content/posts/2025-10-03-wayland-security/index.md b/_content/posts/2025-10-03-wayland-security/index.md 

@@ -115,8 +115,9 @@ interfaces, and any non-sandboxed processes can access them. That is way too
  115   115 much attack surface for my taste.
  116   116 
  117   117 The big question for me is whether the `WAYLAND_SOCKET` approach I described
  118    -1 above is a step in the right direction or mere security theater. I have a hard
  119    -1 time deciding either way.
   -1   118 above is a step in the right direction or mere [security
   -1   119 theater](https://github.com/swaywm/sway/pull/3088#issuecomment-456089038). I
   -1   120 have a hard time deciding either way.
  120   121 
  121   122 Next I would like to look more into sandboxing to see if I can apply more
  122   123 general restrictions, especially to terminal applications.