> Sure, from a security/privacy prospective it's good that any application can't see or interact with the content of other windows.
I got tired of hearing this so for my current desktop I went for something a bit special. I cannot log as root not "sudo" nor "su" on the desktop itself. So, from Xorg, it's not possible to have, for example, a terminal running stuff as root (so a bad actor that'd be in control of my Xorg --not something I'd like mind you-- wouldn't have an easy way to run everything he wants as root).
The way I set up is simple: I've got a laptop, without WiFi (well it has WiFi but all the drivers have been removed), on a separate LAN, that I use as my "root console". The only way to log in as root on my desktop is through SSH, from the laptop, by using a Yubikey: so I modified SSH to allow root login, but not with passwords.
That laptop doesn't have Internet access: it's only connected to the desktop.j
I also hardened the kernel running on the desktop a bit: non-root users can only see their own processes, stuff like that.
I don't know how secure it is but it was fun (and easy) to set up. I'm running that setup since eight months now: it's smooth sailing.
Besides that... I'm using X back since way before the XFree86/Xorg fork and I do actually use wmctrl and a few other tricks.
From TFA:
> The problem is that they took out many features the users depend on with no real replacement in sight.
This. I never understood the Wayland approach of telling their users, early on, "You don't want to take a screenshot of your entire screen". When I did.
I don't even know if all the Xorg features I'm using do or do not work nowadays with Wayland but I don't really care: I understood very early on that Wayland developers were actually hostile towards Xorg users.
> Xorg could have no development for another 10 years and still be more functional.
I got tired of hearing this so for my current desktop I went for something a bit special. I cannot log as root not "sudo" nor "su" on the desktop itself. So, from Xorg, it's not possible to have, for example, a terminal running stuff as root (so a bad actor that'd be in control of my Xorg --not something I'd like mind you-- wouldn't have an easy way to run everything he wants as root).
The way I set up is simple: I've got a laptop, without WiFi (well it has WiFi but all the drivers have been removed), on a separate LAN, that I use as my "root console". The only way to log in as root on my desktop is through SSH, from the laptop, by using a Yubikey: so I modified SSH to allow root login, but not with passwords.
That laptop doesn't have Internet access: it's only connected to the desktop.j
I also hardened the kernel running on the desktop a bit: non-root users can only see their own processes, stuff like that.
I don't know how secure it is but it was fun (and easy) to set up. I'm running that setup since eight months now: it's smooth sailing.
Besides that... I'm using X back since way before the XFree86/Xorg fork and I do actually use wmctrl and a few other tricks.
From TFA:
> The problem is that they took out many features the users depend on with no real replacement in sight.
This. I never understood the Wayland approach of telling their users, early on, "You don't want to take a screenshot of your entire screen". When I did.
I don't even know if all the Xorg features I'm using do or do not work nowadays with Wayland but I don't really care: I understood very early on that Wayland developers were actually hostile towards Xorg users.
> Xorg could have no development for another 10 years and still be more functional.
Ouch.