←back to thread

Show HN: X11 tool to share a screen area in any video meeting

(github.com)
345 points splitbrain | 10 comments | 14 Oct 24 13:11 UTC | HN request time: 0s | source | bottom
Show context
OsrsNeedsf2P ◴[14 Oct 24 14:08 UTC] No.41837682[source]
I love how simple this is- Barely 100 lines or C++ (ignoring comments). That's one thing that makes me prefer X11 over Wayland.
replies(8): >>41837906 #>>41838181 #>>41838339 #>>41838393 #>>41838489 #>>41838500 #>>41838693 #>>41844644 #
1. teekert ◴[14 Oct 24 15:35 UTC] No.41838500[source]
Is it much more difficult under Wayland?
replies(1): >>41840816 #
2. favorited ◴[14 Oct 24 19:10 UTC] No.41840816[source]
Wayland intentionally makes this more difficult, because one of the security goals of the project is that (by default) Wayland clients shouldn't have visibility into other clients' window contents/events/etc.

Of course, it still needs to be possible under Wayland, because there are plenty of legitimate use-cases (screenshots, screen sharing, video capture, etc.), but it was a non-goal to make it as simple as X.

Wayland merged the image-capture-source and image-copy-capture protocol extensions earlier this year: https://www.phoronix.com/news/Wayland-Merges-Screen-Capture

replies(1): >>41842067 #
3. enriquto ◴[14 Oct 24 21:11 UTC] No.41842067[source]
> Wayland intentionally makes this more difficult,

some men just want to watch the world burn

replies(1): >>41843266 #
4. favorited ◴[14 Oct 24 23:23 UTC] No.41843266{3}[source]
And Wayland keeps their apps from spying on the rest of my screen!
replies(3): >>41845035 #>>41847043 #>>41848153 #
5. enriquto ◴[15 Oct 24 04:47 UTC] No.41845035{4}[source]
I never understood the rationale for Wayland's "security"...

All the programs that I use (ls, rm, vim, ...) can "spy" to each other, and have unrestricted read/write access to all the bytes in my home directory. That's the whole point: I run these programs to control said bytes. What's so special about the pixels of my screen that the programs that manipulate them need to be protected from each other? If anything, the pixels in my screen seem less critical to security that the bytes in my disk. But Wayland insists in making that difficult, for incomprehensible reasons. Those are my pixels and I want to do what I decide, not what Wayland lets me to. I control my programs, not the other way round. If I decide that this program reads one pixel on my whole screen, or the global mouse position, or whatever, I see no point in forbidding me to do it.

Of course, if I want to run some rogue program whose author I don't trust, I will do so inside a limited container. But this has nothing to do with graphical applications. I wouldn't like the rogue program to read my homedir either.

replies(1): >>41848125 #
6. lupusreal ◴[15 Oct 24 10:25 UTC] No.41847043{4}[source]
Where does this paranoia come from? The kind of attacks cited by Wayland advocates are all theoretically possible but virtually unheard of in practice. In any time in the past thirty years, has there ever been a case of a rogue program in the Debian repos that maliciously spies on the user by exploiting the open and trusting nature of X11? Even if you expand the scope of consideration to applications like browsers getting pwnd by RCE zero days and then doing this, how often does this actually happen? Maybe this degree of paranoia, fear of technically possible but actually extremely rare scenarios, makes sense for targeted individuals like reporters and whistleblowers operating in totalitarian countries, but for anybody else it seems insane. It's like having deadbolts on your bedroom door because you're afraid of somebody trying to kidnap you in the middle of the night, that extra security against such an unlikely threat isn't worth the inconvenience. Except actually, getting kidnapped in the middle of the night is probably a more common occurrence than getting pwned through X11 programs from your distro repos.
7. ok123456 ◴[15 Oct 24 13:01 UTC] No.41848125{5}[source]
The rationale is that you can have a GUI in one of those limited containers and not spy on all your other windows.
replies(1): >>41848470 #
8. account42 ◴[15 Oct 24 13:05 UTC] No.41848153{4}[source]
I don't run "apps" on my PC. I run programs from a trusted source repository. I expect those programs to not be hindered in their attempts to serve me.
9. enriquto ◴[15 Oct 24 13:37 UTC] No.41848470{6}[source]
You already can with X11, for example running your rogue graphical program inside a graphical virtual machine. The vm gui will filter-out the events that happen outside the window and the rogue program will think it's running alone.

It's nice that wayland makes such containerization much lighter, at least concerning the GUI (you still need to hide your filesystem, network, etc if you want to run rogue programs under wayland). But I don't see the point in enforcing it for each and every one of your programs. It's extremely unergonomic.

replies(1): >>41856989 #
10. rnhmjoj ◴[16 Oct 24 08:53 UTC] No.41856989{7}[source]
I think the general direction where Wayland, Flatpak and other similar sandbox frameworks are going is that of users running proprietary, untrusted and more or less user-hostile apps on the desktop, just like on tables and smartphones.