Request for comments on security of authentication/authorisation UIs

Alistair Buxton a.j.buxton at
Wed Mar 26 21:56:38 CET 2014


Xfce is fundamentally incompatible with Wayland due to the restrictive
nature of the API. This means none of the Xfce shell can function
inside any Wayland compositor without being completely rewritten.
Specifically this is because there is no way to make libwnck function
inside any Wayland compositor and no way for Wayland clients to manage
windows (either their own or others). As such the question of how
authorization dialogs function is completely irrelevant at this time.
I don't really understand what you are even asking when you say "what
would fit within the XFCE way of doing things?" - the answer is
currently "anything that involves Wayland will not fit."

On 26 March 2014 14:29, Steve Dodier-Lazaro <sidnioulz at> wrote:
> Hello,
> Currently on the Wayland ML, a bunch of devs are discussing security issues
> [0,1] and the need to restrict userland processes' privileges to e.g., take
> screenshots, act as virtual keyboards or read keyboard events for other
> apps, etc (basically introducing privileged interfaces that require explicit
> user authorisation). We've also been discussing how the introduction of
> Wayland allows for redesigning and securing authentication and authorisation
> UIs.
> This has led me to question the way authorisation and authentication are
> currently done, and to write a couple of proposed requirements for both
> tasks. I'd be very keen on hearing the opinions of various DE developers
> (including of course XFCE :) ) on a blog post I've written [2], that focuses
> a lot on the infrastructure needs (both in Wayland and desktop
> environments). I'd also like to debate UX aspects of authorisation and
> authentication UIs. In XFCE so far we haven't had any need for authorisation
> UIs, and been pretty much using polkit for any auth need as far as I can
> tell. Given the proposals I made (which really are ideas that need
> experimentation and refinement), what would fit within the XFCE way of doing
> things? How would you guys implement auth{orisation,entication} dialogs in
> XFCE if you had to do it? Can you spot any missing technical requirements in
> the post? Anything you disagree with and want me to review?
> Thanks,
> [0]
> [1]
> [2]
> --
> Steve Dodier-Lazaro
> PhD Student in Information Security
> University College London
> Free Software Developer
> OpenPGP : 1B6B1670
> _______________________________________________
> Xfce4-dev mailing list
> Xfce4-dev at

Alistair Buxton
a.j.buxton at

More information about the Xfce4-dev mailing list