Skip to content

Allow harmless XWayland key snooping by default

Wayland has a design philosophy of prohibiting keyloggers, which is sane. However X11 did not, and a lot of X11 apps were developed with the expectation of being able to sniff keyboard events to handle global shortcuts. When such apps are run in a Wayland session under XWayland, these features break.

Historically we have prohibited this in the name of security. In Plasma 5.27, we gave users a KCM they can use to choose their preferred balance of security and unbreaking XWayland apps with global shortcuts. But we still defaulted to total 100% security, at the expense of breaking these apps by default.

However today we have a compromise that unbreaks them 99% of the time while not meaningfully reducing security: we can have KWin only prohibit XWayland apps from reading alphanumeric key events that don't have a modifier key pressed at the same time. This still prevents those apps from acting as keyloggers and reading your password or all the text you type, but does allow those apps that have a legitimate need to read key events for global shortcuts do so, because global shortcuts will involve modifier keys being held down.

Due to the way the security modes work, making this change will also allow XWayland apps to read non-alphanumeric keystrokes without any modifiers being held down, but that's also fine for security since you can't use any of those keys to type text or passwords.

@davidedmundson @teams/usability

Merge request reports