andrei/niri
1
0
Fork 0
mirror of https://github.com/niri-wm/niri.git synced 2026-06-21 02:01:55 +07:00
Code Issues Packages Projects Releases 10 Wiki Activity

wiki/security: Mention X11

Browse Source
This commit is contained in:
Ivan Molodetskikh
2026-04-27 00:11:18 +03:00
parent a48f2645d9
commit 7d2b620ce9
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/wiki/Security-Model.md
+2
View File
@@ -29,6 +29,8 @@ Anything with access to niri's D-Bus interfaces can, among other things:
- Record the user's screen via the screencast interface.
- Fully listen to and emulate input from the user's keyboard via the accessibility interface.
Also, while niri doesn't directly integrate Xwayland, it's worth reminding that anything with access to the X11 `$DISPLAY` (which comes both as a socket file on disk **and** as an abstract socket in the network namespace) can intercept and emulate all input and record the contents of any X11 windows on the same `$DISPLAY` (but not Wayland windows).
## Running untrusted clients
Considering all of the above, for running untrusted clients, you need a proper sandbox that: