On Wed, Sep 21, 2016 at 5:33 AM, Yawning Angel <yawning@schwanenlied.me> wrote:
Where: https://git.schwanenlied.me/yawning/sandboxed-tor-browser
X11 is a huge mess of utter fail. Since the sandboxed processes get direct access to the host X server, this is an exploitation vector.
Is anyone actually actively throwing the full audit gamut at X11 these days, or is it still just one giant pile of 30-year legacy waiting to explode?
Really, just fuck off and leave me alone.
Oh no, the concept of one toplevel sig over a pile of embedded sigs and infrastructure underneath, is useful. Kind of like how signing a monotone or git repository is useful... a single and simply checkable root from which all crap piles floweth.