It's the operating system kernel that has physical access to the hardware, user mode programs don't, and in theory, every graphical kernel call needs to validate user permissions. This has become difficult in recent years with 3D graphics which need a HUGE attack surface.
-
Show this thread
-
So graphics, even on systems without X Windows, have become a frequent target for local privilege escalation. That even includes remote exploits in browsers that use 3D acceleration.
1 reply 0 retweets 6 likesShow this thread -
There are many implementations of X Windows, but Xorg's has been the default for Linux and BSD systems for decades. It's synonymous with the Linux GUI and/or X Windows.
2 replies 0 retweets 5 likesShow this thread -
Things like Gnome are "windows managers", and ancient concept from the 1980s that separates management of windows from the contents of windows. Since your terminal can have windows created by more than one external computer, management needs to be separate.
3 replies 0 retweets 7 likesShow this thread -
So for Xorg, instead of doing fine-grained systems calls for every draw operation, with the costly step of checking user permissions every single time, it's easier just to give it root permissions with 'setuid'.
1 reply 0 retweets 6 likesShow this thread -
Most apps on Linux can run remotely, just add the --display on the end of the command to cause them to open a window remotely instead of locally. Other apps bypass X Windows and write to the local "frame buffer", especially video and games.
1 reply 0 retweets 4 likesShow this thread -
Newer things like Android discard this X Windows nonsense, because it's nonsense, and are just GUIs on top of the frame buffer. So even though Android is Linux underneath, there is no X Windows. There are, however, X Windows apps so that you can use your phone as an X terminal.
1 reply 0 retweets 8 likesShow this thread -
Most Linux users I know, when they want a remote GUI, just use VNC instead. With VNC, the app renders the pixels locally, compressed the image, and sends it to a remote computer.
1 reply 0 retweets 2 likesShow this thread -
Not having X Windows doesn't mean you are good, though. Microsoft with it's GDI system is prone to all sorts of funny performance, scalability, and security issues. On the other hand, their remote terminal services is the best in the business.
2 replies 1 retweet 4 likesShow this thread -
Because X Terminal and VNC are good enough for Linux, they've done nothing better for remote terminals. Because Microsoft's Windows sucks for remote in theory, they've done extraordinary, heroic things to make their Terminal Services better than Linux.
3 replies 2 retweets 8 likesShow this thread
There are alternatives to VNC, such as NX, SPICE and vBridge. VBridge is especially impressive.
-
-
Replying to @jedisct1 @ErrataRob
Apart from it's GitHub page, where can I read something about it?
0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.