
You have no idea how excited I am for this. I use sway as my daily driver since it supports HiDPI so much better than i3, but the one caveat to that has been firefox and xwayland. Once this ships, sway will have nearly flawless HiDPI support.


I'm not. Wayland lacks a lot compared to X.[1]

From the linked-to post, it lacks:

* Programmatic output configuration (xrandr, arandr, etc.)

* CLI clipboard access (xsel, xclip)

* Third party app launcher/window switcher (rofi, dmenu, albert, docky).

* Clipboard managers (parcellite, klipper, Gpaste, clipman, etc.)

* Third party screen shot/capture/share (shutter, OBS, ffmpeg, import, peek, scrot, VNC, etc.)

* Color picker (gpick, gcolor3, kcolorchooser)

* xdotool

Lack of Wayland versions of these apps is a deal breaker for me, and I'm going to avoid Wayland until it gets them.

[1] - https://old.reddit.com/r/wayland/comments/85q78y/why_im_not_...


Those things are mostly compositor specific and not specifically a Wayland issue. For example with Sway:

* Programmatic output configuration

swaymsg -t get_outputs # get displays

swaymsg output DP-1 pos 0 0 res 1920x1080 # set displays

* CLI clipboard access

swaymsg -t get_clipboard

* Third party app launcher/window switcher

I use gnome-panel with Xwayland, but better than nothing

* Third party screen shot/capture/share

https://github.com/foss-project/green-recorder

* Color picker (gpick, gcolor3, kcolorchooser)

Sorry, no options here yet, but it can be done

* xdotool

swaymsg [title="Top Panel"] floating enable, resize set width 2560 px height 32 px, move position 0 -38


As OP in the thread I linked to above says:

"GNOME and KDE have dbus APIs for some (but not all) of these things, and sway has its own IPC, and other compositors probably have similar solutions. However, they all use different mechanisms, which means that if you are writing, say, a screenshot application you either have to write a different backend for every compositor, or choose just one or two to support.

"Something all of these types of applications have in common is they need to be able to inspect and/or modify state from other applications or the compositor itself. Which wayland's security model normally prevents. I think a major gap in wayland, is having a way for an application to run with escalated permissions so it can have access to other applications. Unfortunately, I don't have any great ideas on what that would look like."

and then, later in the thread:

"for simple things using the compositor's screen shot tool is fine. But what if I don't like the screenshot tool for my compositor of choice? My experience with the GNOME screenshot tool (granted this was pre-wayland) was that it wasn't as good as, say, shutter, which has a lot of options, lets you easily crop and edit the screenshot from inside the screenshot tool etc. And then swaygrab doesn't even (currently) have an option to capture a rectangular region."

The entire thread linked to above is worth reading.

My own takeaway is that Wayland is just way too immature to compete with X for my power-user use cases.

It might be ok for users with simple needs.


No, it's fundamentally a wayland issue.

Window managers can implement their own extra protocols of course, but instead of X11 where everything was standardized and window managers didn't even have to think about it, there is no standard and window managers have to rewrite all the code for it themselves.


> No, it's fundamentally a wayland issue.

It's not an "issue". It's a design decision.

As another example, Linux doesn't have just one desktop environment, like Windows or MacOS, would you say that's an "issue", even if it's a deliberate decision?


Luckily, Firefox supporting Wayland doesn't hurt you at all. I'm also very excited about Firefox supporting Wayland. It isn't dropping support for X11.


xclip works fine for me on wayland (Arch), the rest... yeah, colorpicker? doesn't work. Screenshot? Gnome tool works but grabbing an area has a weird tainted color.


I'm happy someone is using it however, as that will encourage many shortcomings to be addressed.


In my experience X11 has zero shortcomings compared to Wayland. The code might be ancient and arcane at some points but the performance and features (hello "ssh -X") are actually far superior.

Why do we need Wayland?


I have never been able to get a tearing-free experience with X11, and I've tried everything to fix it. Meanwhile Wayland is butter smooth out of the box on the same hardware. Security is another obvious advantage of Wayland.


Just another data point: I've never experienced screen tearing in the decades that I've used X.

Also, when I run X just for myself on my own laptop, what security issues do I have to worry about with X that I don't have to worry about with Wayland?


That's interesting, because I've had tearing issues with all major GPU brands (Intel, AMD and Nvidia), in particular when multiple monitors are involved. What's your setup like?

With regards to security, the main issue is that X11 provides no isolation between applications, allowing them to listen to keystrokes and the clipboard at all times. With Wayland, only focused applications have this access.


"What's your setup like?"

Currently I'm using an old, slow laptop, with a graphics card integrated in to the motherboard. Nothing special. But I don't do any demanding graphics processing on it. I just watch movies and use web browsers and a terminal. I don't play graphically intense games on it.

"With regards to security, the main issue is that X11 provides no isolation between applications, allowing them to listen to keystrokes and the"

I don't see why this should concern me or 90% of X users, because if any malware manages to run on our systems it'll already have full control over them without needing to resort to any kind of keystroke sniffing in X.

I'm struggling to think of a scenario where malware's running on the same machine with access to a single X session, which doesn't already have full control over the account whose keystrokes they'd be presumably sniffing. They could just substitute their own malware versions of web browsers, shells, editors, or whatever other software the user uses and sniff keystrokes in there, without needing to touch X.

Not that it hurts to have more isolation than you get in X, but I'd need a lot more convincing for me to give up the convenience I already enjoy with X.

Can someone paint me a realistic, relatively common threat scenario where not having Wayland's isolation would actually present a serious security risk?


Right, if you already have malware running on your system, all bets are off. However, I'm sure you're aware that large applications like Chromium have tons of vulnerabilities, which is why they come with a sandbox to protect against exploitation. X11 is one of the biggest holes in these sandbox solutions. Replacing X11 with Wayland would plug this hole. I'd argue that security is something the average user cares about.


If your web browser is compromised, that's malware running on your system right there.

A compromised web browser doesn't need X to control the rest of your system. It can usually already write all over your system and perform all sorts of other attacks, including substituting applications, paths, LD_LIBRARY_PATH, etc., not to mention try kernel exploits and the like -- not that they'd need to on a single-user system, as they could just get your sudo password by one of the other means mentioned above, all without touching X.

Anyway, if a typical user's browser is compromised, they're already completely screwed, as they typically access their online banking and webmail through it. Once again, the attacker does not need to touch X to get access to any of that.

To me it still sounds like Wayland's security model is trying to solve a niche problem that most X users don't really suffer from -- and charging an arm and a leg for it.


> It can usually already write all over your system and perform all sorts of other attacks

Not necessarily. Properly sandboxed applications like Chromium have a seccomp filter, separate pid/user/etc namespaces and bind mounts set up to isolate themselves from the rest of the system as much as possible.

> Anyway, if a typical user's browser is compromised, they're already completely screwed

It really depends on which part of the browser is compromised. Again, Chromium has some pretty good isolation. Having one malicious website exploit a vulnerability does not necessarily mean the attacker gets access to any of the other browser data.
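Added example, not part of the thread: one way to check the isolation properties the comment above lists (seccomp filter, separate pid/user namespaces) from a process's `/proc/<pid>/status` fields and `/proc/<pid>/ns` links. The sample data is constructed, and the `sandboxed` criterion (filter mode plus unshared pid and user namespaces) is this example's own assumption, not Chromium's definition.

```python
import os

SECCOMP_MODES = {0: "disabled", 1: "strict", 2: "filter"}

def parse_status(status_text):
    """Return the 'Key: value' fields of /proc/<pid>/status as a dict."""
    fields = {}
    for line in status_text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def isolation_report(status_text, proc_ns, host_ns):
    """Summarise seccomp mode and which namespaces differ from the host's."""
    fields = parse_status(status_text)
    mode = int(fields.get("Seccomp", "0"))
    unshared = sorted(name for name, ident in proc_ns.items()
                      if name in host_ns and host_ns[name] != ident)
    return {
        "name": fields.get("Name", "?"),
        "seccomp": SECCOMP_MODES.get(mode, "unknown"),
        "no_new_privs": fields.get("NoNewPrivs") == "1",
        "unshared_namespaces": unshared,
        # Assumed criterion for this example only.
        "sandboxed": mode == 2 and {"pid", "user"} <= set(unshared),
    }

def read_live(pid):
    """Collect the same inputs on a running Linux system (needs read access to /proc/<pid>)."""
    with open(f"/proc/{pid}/status") as fh:
        status = fh.read()
    ns_dir = f"/proc/{pid}/ns"
    return status, {n: os.readlink(f"{ns_dir}/{n}") for n in os.listdir(ns_dir)}

# Constructed sample data: namespace ids and process names are made up.
HOST_NS = {"pid": "pid:[4026531836]", "user": "user:[4026531837]",
           "net": "net:[4026531840]", "mnt": "mnt:[4026531841]"}
RENDERER_STATUS = "Name:\trenderer\nPid:\t4242\nNoNewPrivs:\t1\nSeccomp:\t2\n"
RENDERER_NS = {"pid": "pid:[4026532501]", "user": "user:[4026532499]",
               "net": "net:[4026532503]", "mnt": "mnt:[4026531841]"}
TERMINAL_STATUS = "Name:\txterm\nPid:\t1337\nNoNewPrivs:\t0\nSeccomp:\t0\n"

if __name__ == "__main__":
    print(isolation_report(RENDERER_STATUS, RENDERER_NS, HOST_NS))
    print(isolation_report(TERMINAL_STATUS, HOST_NS, HOST_NS))
```

On a live system, pass the output of `read_live(pid)` for the target process together with `read_live(1)[1]` (or the values for your own shell) as the host reference.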


If the browser as a whole has not been compromised, then internally it should be able to deal with the clipboard the same way that Wayland deals with it.

For instance, only the currently focused tab should have access to the X clipboard.


> If your web browser is compromised, that's malware running on your system right there.

This is a bit naive. Browsers execute malicious javascript on your system all the time. A V8 sandbox escape is worth retirement money for a reason.


Superior performance? Like when windows take a whole second to appear because the protocol is synchronous and the server is busy doing something else? :)

Wayland makes lots of things possible: multi-monitor HiDPI, touchpad gestures like pinch to zoom (just like Macs could do ages ago), touchscreen support that's actually independent of the mouse pointer instead of always dragging it along… and there's finally no goddamn screen tearing. Every frame is perfect™.


> Superior performance? Like when windows take a whole second to appear because the protocol is synchronous and the server is busy doing something else?

Might be true, never happened to me. But what about FPS in games? X11 beats it there for me. Or what about in the most important metric of them all: latency. In all my tests, latency on Wayland is always a regression compared to X11. (I use Intel and HDxxxx era AMD Graphics, can not say anything about Nvidia)

> Wayland makes lots of things possible

That might be true. But X11 can be extended and has been extended very often (hence the messy code). One thing I need regularly, namely OpenGL pass-through via SSH, will never be possible with Wayland.

> Every frame is perfect™

To me far less important than latency. Wayland should only care about tearing when I play full screen games. When I type on the terminal I want my characters to appear instantly, then I don't care about tearing at all.


> Latency.

In my own testing (GNOME, latest Kernel, as well as Sway temporarily) latency and FPS were better on Wayland than X11 (though only on my beefier graphics card, windows rendered on the second one had higher latency and comparatively lower FPS than expected. But I don't game on that card.)

> One thing I need regularly, namely OpenGL pass-through via SSH, will never be possible with Wayland.

Correct because Wayland isn't a network-like protocol as X is (though I've had X network passthrough break or fill up a gigabit ethernet connection worth of bandwidth on more than one occasion).

If you want remote desktop on Wayland, you need a tool specifically designed for that.

It's the unix mindset after all; why have one tool (X) do everything when you can have lots of tools interact and each solves its own little problems (Wayland + tools)?

> Wayland should only care about tearing when I play full screen games.

If you run a game on wayland you usually get control over the screen anyway when you go fullscreen, once you have exclusive control you can go tearing all you want.

Though with adaptive sync becoming more common (and already being common on laptops) the perfect frame is less costly than tearing; the display will run at the FPS you can manage (within bounds). For it to work you only need to VSync and the GPU driver handles the rest.

In my experience, Wayland has way better and smoother performance than X on adaptive sync displays.


Every frame is perfect™

Every frame is great. If a frame is missing, ### gets quite irate.


X11 doesn't easily support multiple monitors at different DPI, which is almost essential when using a hiRes laptop with an external (also hiRes) monitor.


Performance on Wayland is waaay better for me. Also, the security model is far superior.


When I click and drag windows on MacOS, the window moves perfectly in sync with the cursor. On X11 the window inevitably lags behind.


Depends on your window manager. I use a heavily modified version of dwm, that specifically addresses latency.

With Gnome et al you are most certainly in high latency hell on X11.


It's the default on Fedora so a lot of users have been using it for a long time now.


If that's what Wayland is lacking then it's ready to use for me and the majority of users.


Yea, I too love Sway and use it as my daily driver. I recommend you use the non-packaged version 65 or newer of Firefox, just need the GDK_BACKEND=wayland environment variable set. Only issue is due to the current state of Sway there are some drag-and-drop issues, but that's not a Firefox thing.


It's still a bit buggy, but I use Firefox on Wayland as my daily driver already.

https://bugzilla.mozilla.org/show_bug.cgi?id=1512416

https://bugzilla.mozilla.org/show_bug.cgi?id=1509740


This has actually worked decently well in Fedora for awhile now by doing: `export GDK_BACKEND=wayland` before starting Firefox.


Yea that was for Fedora-specific builds, in 65 it's now enabled for the general Linux release on their site.



