There is one, really good, overall competing reason to dump X:

separation of privilege

It's a flaw in it's core design and whole teams have spent decades of man-hours trying to fix it. But, it's like building a brick house on a straw foundation. I won't bother explaining it, there are dozens of videos on youtube done by people who've actually tried to fix the problem... Not by people reading a forum, not by people whom think "if it an't broke don't fix it" applies to everything and would have us all still driving cars that require a hand-crank starter. Not by people whom have never written operating system code, but instead write java smartphone apps all day and assume what they know and understand translates to operating system development.

No, don't argue with me. If you're so sure it's a simple thing to fix then show the Linux world how brilliant you are and post your code. You'll either be proven to be a truly gifted programmer or I'll get to watch experienced X developers explain why what you wrote will not work. As well as, how much you really don't understand about OS development or the problem itself. After all, I've only glimpsed the outer edges of what's wrong with X and that much makes me wonder why we trust it at all.

Sure... you got it, Sunshine.
Thank goodness you wandered by to enlighten the rest of us poor souls....
Enjoy your techno-jihad.

Care to explain why Luridis is wrong?
You know, rather than picking at how something was worded. Admittedly the post didn't share that much information but was another person sharing their experience of finding out about Linux and discovering that X11 is flawed and that the X11 programmers and other Linux developers are the first to admit this.

I suspect that his or her opinion differs from my own. Hence the use of inflammatory language (jihad) to make my position seem unreasonable. Of course, it could just be trolling too. But, I'll throw the person a bone anyway...

Ever launch the program xeyes? Think it is cute that those eyes follow your pointer anywhere on the screen? Now imagine this: xeyes was written by someone with less than honest intentions, you're using a touch screen and you're typing on a pin pad. The security issue people miss isn't what the user can do, its what stuff on an app store could do. Now, go install Wayland/XWayland and launch xeyes and see what happens when your pointer leaves the application's window.

Here, this guys story is far from unique... https://youtu.be/CeAnSSyv20Q

Why bother, he never explained why he was right. He has a really bad habit I'm trying to break him of, appealing to an authority he has not demonstrated. This is normally the domain of Politicians and TV Preachers, though in truth excitable open source coders are developing the same reputation. I happen to know a little bit about the problem he's referencing and I tend to agree, if Wayland fixes the display-manager-as-root issue, good on Wayland. I'd point out, however, the last time I checked, the entire Microsoft OS has the same problem.

In Slackware it's on it's way as an option (I noticed alienBob has a directory named Wayland in his ktown repository) but I seriously doubt they will force of us to use it (for our own good, whether we want it or not, cause they know best in every case).

Now all that said, I'll try it when it comes to Slackware and I'll make a decision about whether it works for me, my use case, my habits, my preferences. And the fact it solves the root-like issue of X will weigh in that decision, however people who come out of the woods with their "I know best... if you don't do as I say you're a luddite" speeches shot their bolt on systemd. Time to give it a rest. Linux is about choice, it always has been, if we don't get choices then why the hell aren't we using MAC/Win?

Imagine you are running wayland and you spawn a browser, imagine the browser has malicious software embedded in it to grab your passwords, will wayland protect you? (No)
Imagine a little desktop doodad has jumped it's namespace and penetrated Waylands. It then implement it's malicious code to grab your passwords. Will Wayland protect you? (No)
Imagine the malicious code is going to search every file on the machine, every user, looking for for the same information, Will Wayland protect you? (Some)

Fly in that ointment.
If you're using a desktop, let's assume you follow security procedure and use it as an unprivileged user (because if you use it as root, waylons no help at all). In the optimal use case your still probably hosed.The malicious thread has penetrated your display managers UID (wayland isn't bullet proof, it's just not root-like). While it can't access every users data, it can sure access the data of the user who instantiated Wayland (you), that's all it has to do (Unless you use a different local/domain account for every external password you have and it just happens to penetrate on the user that just surfs porn). It's an incremental improvement in the area of security for personal desktop machines though I wonder how much "real world" security it will actually deliver at the desktop level, which explains my "...meh" attitude towards it.

In no use case does it obviate the requirement that you do not install malware on your nodes.

The only thing that can protect you from you, is you

You tube is a circus of fools. Wanna see six hundred videos of people who we're abducted by aliens? My wife came across dozens of huskies who can howl a fair facsimile of human speech, one, notably, in Cantonese. Do you think dogs are evolving and if so, why just huskies ???
The most you can get from watching a video is the impetus to dig deeper.

...and thus ends your lesson for today, Sunshine. Next time do your homework.

If you're so concerned about the problems Wayland is not solving, then perhaps your time would be better spent on helping solve those problems. Don't like Systemd? Go look at the CK2 and elogind projects because they appear to have little in the way of contribution compared to Systemd.

What I personally find amusing is that back in the 1990's, you'd be hard pressed to find anyone complaining about someone contributing code. Today, everybody seems to think they have the right to tell other people they can't write something. Especially if it gains any kind of ground. The reality is that people are going to gravitate towards things that work and provide features they want. If someone wants to stop that then they really have only one solution and that is to offer something better. Griping about how those solutions are unnecessary, unwieldy or violate "the philosophy" doesn't change the fact that it's there and people are going to use. Why? Because no one is offering an alternative.

Although perhaps a previous comment here was "less than diplomatic," the essential statement of concern is actually compelling. The GUI sees and handles everything. Confidentiality was never much considered as part of the original X11 / XWindows design. Access to the hardware was, shall we say, "engineered." Now that computers are taking on more and more responsible roles, people have more reason to want to exploit what they can ... and this architecture is very exploitable, especially when a network is involved.

But also – it is old, and computer hardware has changed a great deal since that design was first put on the table. You can, as they say, "kick the same can down the same road only so far" before you reach the Land of Diminishing Returns.

IIRC The original implementations of X were all using software renderers and I doubt they needed any direct hardware access. Accelerated 2D came about in the late 80s, culminating with the Cirrus Logic stuff in the mid 90's. All dropped of course when the 3d stuff started in the late 90's.

The whole resist change because "change is bad when things are working" is worn completely out. When I threw away my 56k modem it still worked fine. And yes, a cable modem is more complicated, so is Wifi, but no one is arguing against them. When building LFS systems i18n stuff can be very complicated and annoying, but it make Linux available to more people so I don't complain about it.

I think I explained, I'm not concerned about it and went into some detail as to why.

I don't care if you write it, I may even use it, I get irritated when you insist I'm not qualified to make that decision for myself and you are which, I think you're discovering, is not always the case. The fact you would fail to research the topic sufficiently just means you're BS'ing which leads me to think your software shares that trait with you, since you're obviously diddling with something you don't clearly understand

Systemd automates process management, giving you a trivial API for programmatic access, i.e. you don't have to understand the structure of the node to control things like process instantiation sequence (as long as they are demons or services). You can do that with the signals module in a python class and a bash script. Normally, the class doesn't run much past one hundred lines (depending on how many of these you want to chain together and how much environmental prep/cleanup you require.)

You make a bash script that instantiates the python object and captures it's PID so the bash script can talk to the python object using system signals. The bash script checks the system process accounting system for a pid belonging to the 1st process the python object is going to start. It then looks for the corresponding PID flag in var/lock (normally). When it sees it, it executes " kill -USR1 $(python objects pid)". That tells the object to move the next process you want started where the two processes repeat the sequence.

The primary advantage of doing it this way is you can send it kill -USR2 $(object PID) and it will shut down the processes it has started and reset the environment automatically (something systemd doesn't do). When the python object recieves a kill -9 it dies and shortly thereafter, so does the bash script.

Take moment and consider the costs of running cloud infrastructure and ask yourself, do want to pay for systemd to run every hour of every day on hundreds or perhaps thousands of nodes, or do want this thing to run for fifteen seconds post deployment? This actually does a better job than systemd with no persistent overhead (read $cost). Developers use systemd in their environments and I happily support that as well, based on their skill set, it gives them the ability to experiment and I always try to make room for another persons genius in my plans. When it goes to a perf environment or prod where it's sustaining persistent and at times heavy workload, systemd comes off and this model over systemV is the preferred implementation (commonly).
So no, systemd puts money in my pocket and food on my table, so I like it fine, just not for the reasons you might think.

@Sundial:
I'm trying

I'm sorry but I fail to understand why anybody bothered to bring up systemd?

Wayland is not systemd!!!!!!

This, to my minnd is the issue here. I haven't seen a single argument against the actual goals and implementations of Wayland -- just against change. I'm a person who thinks that XFCE is the pinacle of DEs, I buy CDs and DVDs and bought a phone with a physical keyboards which I will not use for either playing music or reading books. I hate Android. In other words I do not like change but I do appreciate progress. As fas as my experience and my reading of the goals of Wayland go I see it as progress. if I could run XFCE on Wayland instead of GNOME I'd be venting aboout not being able to get it to work on my desktop too to give it a performance test or two.

Changing for the sake of change is expensive and... pointless.

An historical note.
In the beginning their was time sharing. 5 people would use the same hardware for 5 different purposes. Then, their was X, but only the devs got access to it (why do you need X, you have vi).
This is when they discovered the security problem you're referencing.
Computer eons passed, that digital paleolithic era faded into memory and as we went from "time sharing" to "personal" servers. The idea your personal Linux server would suffer downtime because you loaded malware on it became less of a pressing concern (to everybody else). The mists of time eventually obscured it to the point where we remembered X's root-like problem, but it didn't really matter, you could mitigate with a modicum of care (and bluntly, if you wont be a little bit careful, there's no saving you) and it didn't impact anyone but you.

That's when you discovered the "solution" to a problem nobody has anymore (unless someone is still time sharing on mainframe). So we're back to "new" which is valid reason to try it, just not a compelling reason.

Oh, is there feedback that Wayland isn't efficient when on a server and isn't any more of a server "no no" than X11?

Care to post a single thread of ecivence that Wayland is not just an attempt by very skilled devvelopers to replace X11 with something more secure and efficient?

1 members found this post helpful.

It is a recent example of another open source project that solved a problem that nobody in the commercial world (at least) had. People who didn't understand how easily and cheaply that issue could be remdiated, lobbied heavily for it, and in the final analysis, it's not cost effective.

In my own professional area, which is probably why I'm dwelling on it, I deal with "dev/ops" engineers who know how to code but can't understand a node. When they find out that's how we roll it up in prod (where almost all the servers live), they're aghast. You're a luddite! Perhaps... but at least I'm not a fanboy...
Nobody likes fanboys, especially the guy who cuts the checks.
Allow that thinking to shape you're coding and you'll produce things people want to use instead of try.

I have to wonder, does anybody work on a commercial server that even has head, much less runs an x-server? This thing seems to be for personal use, and while it is an incremental improvement over X regarding security, if it was more efficient or more feature rich, you'd have strong argument for it's adoption.
I'm just pointing out the security argument is largely fallacious.

I think it's probably good software, I'll try it when it becomes stable on my distros software stack but nothing I've hear so far would compel me to switch to another distro so I can be an early implementer.

If you're writing code for an open source project, I respect and salute you for that, it doesn't really matter if you ever produce version 0.1, just the effort to give back to the community is greatly appreciated. If you think we don't adopt new software constantly in the Slackware community, I'd point you to the changelog.txt on slackware.com. It's the constant "I wrote it so you must.." approach I'm tired of, and the endless stream of people who don't understand the problem and yet insist they have a solution.

I imagine that's exactly what it is. I also know it probably has warts we haven't found yet, all software does.
You guys act like I don't like the software, what I don't like is you guys making fallacious claims as to it's efficacy.