Closing this is wrong. Upstream is responsible for making Xorg work, not for delivering a reasonably secure desktop experience, that is the job of the distribution maintainers. Upstream is just saying use SElinux, that is not the best way to do this, keylogging is trivial under the current setup, Windows / OSX do not suffer from this. Under Xorg it is possible to write a one-line command line that captures input and posts it to a web server.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/800172 Title: Application keylogger vulunerability in Xserver To manage notifications about this bug go to: https://bugs.launchpad.net/wayland/+bug/800172/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
