Linux News Today: KDE Developers Work on Improving the Security of KDE Plasma 5 on Wayland

After informing our readers last week about the implementation of a beautiful and secure lockscreen for the upcoming KDE Plasma 5.5 on Wayland desktop environment, today we have new information about the things that will come for the Wayland session of KDE Plasma 5.5.

KDE developer Martin Gräßlin writes on his blog about the security of the KDE Plasma 5.5 on Wayland session, which is compared with the one of the X11 session, as well as about some of the things that need to be improved in order to offer users a more secure Wayland session when the final release of KDE Plasma 5.5 will be available.

“Our beta release of Plasma 5.5 includes a Wayland session file which allows to start in a Plasma on Wayland session directly from a login manager supporting Wayland session,” said Martin Gräßlin. “This is a good point in time to look at the security of our Plasma on Wayland session.”

According to Mr. Gräßlin, the security provided by the next-generation Wayland display server can not be compared with the one of X Window System (a.k.a. X11), which is not very secure and has many quirks that could allow attackers to damage a GNU/Linux operating system.

Wayland is more secure, but not secure enough for KDE Plasma 5.5

The design of Wayland makes the display server more secure when compared with X11, but it appears that its security restrictions are not yet compatible with the KDE Plasma desktop shell, which means that the KDE developers made various adjustments and implement custom protocols to allow Plasma windows to position themselves and provide window management facilities.

In the lengthy article, which is a recommended reading for all users of the KDE desktop environment, Martin Gräßlin shows us how to break the security of the KDE Plasma 5.5 on Wayland session, and makes some suggestions that could improve the startup process of KDE Plasma on Wayland. Most probably, these will be done before the release of KDE Plasma 5.6.

Via Softpedia