WebKit For Metacity/Mutter CSS Theming? 124
An anonymous reader writes "As Metacity (the GNOME window manager) evolves into Mutter, the question of CSS themes and how to implement them has come up. One of the proposals was WebKit, which the author asked more specifically about on his blog. It seems that WebKit, being a very fast rendering engine, would allow Mutter to have unprecedented power, not to mention being nearly future-proofed. As a major bonus, going this way could allow GNOME to share themes with KDE, which is apparently already headed towards a dependency on WebKit. Many people will reflexively recoil at the idea of a browser being mixed with a window manager. But it's important to remember that WebKit is not a browser — it's just a rendering engine, and it's not where all the security issues come from. So, what are the real technical issues at stake here? What are the pros and cons of using WebKit underneath GNOME rendering?"
Re: (Score:3, Funny)
It's too bad, what with Metacity being one of the few window managers available.
Re: (Score:3, Insightful)
Re: (Score:1)
Yes, it was a joke. And I don't even use Linux.
Re: (Score:3, Funny)
Unless you were frozen in th 50s, that comment can only be explained as a joke... if there is something of which there is plenty, that's window managers...
* -- joke
OO
OOOOO -- the cloud
OO
o
\|/
| -- you
/ \
Re: (Score:2)
and I suck for posting that.
Re: (Score:1)
leave my cock alone.......
Re: (Score:2)
Re: (Score:2)
You ever hear about security through obscurity?
Re:Lets see... (Score:4, Insightful)
One of the pros: GNOME gets a "tested" engine to do most of the work required...
And the con: GNOMErs will squabble about what to drop and in the end, they will create more duplication. Not good...not good at all.
Re: (Score:1)
you've been reading linuxhaters too much. take a pause. :P
Re:Lets see... (Score:5, Insightful)
Could you explain to me why this would be a greater security risk than some person making a "theme" that exploits a flaw in Metacity?
Re: (Score:1, Interesting)
Re: (Score:1)
Today's Firefox vulnerability appears to be limited to denial of service (which probably isn't an exploit, but I'm not close enough to that jargon to argue about it). The one from last week was exploitable.
Re: (Score:2)
Re:Lets see... (Score:5, Insightful)
Wait, how does this make it easier? Metacity's code is open already.
There are going to be a ton more crackers wanting to find ways to exploit Safari and Chrome than there will ever be wanting to find flaws in a WM.
And a ton more hackers working to fix those flaws.
Basically, without WebKit GNOME is just another DE, interesting, but not worth the work to exploit. On the other hand, with a ready-made script, it wouldn't take too long for someone with no skills to exploit it.
So you're basically arguing in favor of security through obscurity, and against code reuse?
Also, I fail to see how it's more dangerous for the average user to have their WM compromised than their browser. It's a lot easier to trick people into visiting a website, just once, than it is to convince them to install your theme.
Re: (Score:2)
It's a lot easier to trick people into visiting a website, just once, than it is to convince them to install your theme.
A pretty lady as a wallpaper will convince them just fine.
Re: (Score:2)
Depends who you're trying to convince. It really doesn't take much to download a pretty lady in a safer jpg or png form and set her as your wallpaper.
Re: (Score:2)
And where do you need to go in order to get one? A webpage!
Also, we're still talking about nerds (unless the year of the linux desktop happens while I wasn't looking). A great many don't put pretty ladies on their desktop. They keep them well hidden in other folders.
Spin spin spin (Score:2)
Hey, SanityInAnarchy. I'm not necessarily disagreeing with you, but I do want to point out a few things.
So you're basically arguing in favor of security through obscurity, and against code reuse?
It can also be called homogeneousness with can cause security problems in general. On top of that, with all the features Webkit brings it also brings complexity in code... which inherently leads to more security flaws. As an example, many forums only allow bbcode instead of full-blown html.
In the end I think the features are probably worth it, though. While metacity themeing isn't hard per-say, it wou
Re: (Score:2)
Uh, you run your window manager as root do you? Good luck with that...
Re:Lets see... (Score:4, Insightful)
and a pre-made rootkit to gain access.
you keep using that phrase, I don't think it means what you think it means.
1) your WM runs at user level, an exploit would therefore at best gain the ability to run code at user level.
2) you WM can be locked down pretty tough by apparmore/selinux/etc, so whatever code it can execute is limited to the functions of a WM anyway (no net access, no disk writes, etc)
3) if your downloading random themes from untrusted users, it's easier to attack you by giving you a widget/screenlet or random script to run.
4) if there is a security flaw in the webkit rendering engine, surely you can just exploit peoples browsers when they go to download your theme.
In summary please never talk about security ever again.
Re: (Score:2)
Seriously, you're confused:
Unlike Linux or Gnome itself, or Metacity? We're talking about open source or free software here, its all got exposed code, and it all gets checked for bugs by both malicious and kind-hearted persons from time to time.
If you're saying that WebKit is more popular than Linux itself and will therefore attract a few extra eyes, I'd bet you're wrong but either way its pretty close. The problem you sh
Re: (Score:1, Funny)
Simple solution:
Users must be too fucking stupid to choose a theme, therefore remove themes from metacity. Whichever developer is landed with the metacity code this year can choose the theme. Everyone will love this fantastic enhancement of the user interfacing experience!
Re: (Score:1, Offtopic)
Re:Lets see... (Score:5, Insightful)
But, your window manager doesn't run as root. And themes have to be installed by the end user. This is no less secure that just using a browser.
The overhead could be ridiculous, sure, but this just isn't a security problem.
Re:Lets see... (Score:5, Insightful)
Browser rendering engines? In my application UI? It's more likely than you think, especially if you use Firefox, or any other application built around a XUL runtime. How many CSS-only exploits you heard of for them?
Re: (Score:2)
* { background-image: url(telnet://some-innocent-site:80) }
There, a client and server DoS attack using only CSS. It doesn't work any more, but it did back when I found out about it [mozilla.org] (at which point it had already been known for over a year and not fixed, and stayed that way until someone else found out "shell:" urls entered in Firefox got opened and executed by IE...)
Re: (Score:2)
Nice try.
Here is the growing list of WebKit enabled GNOME applications.
http://trac.webkit.org/wiki/ApplicationsGtk
I personally like Epiphany 2.27.2 in Debian already being HTML 5 ready and having Font-Face and more just working while I have to wait for Debian to actually get Firefox [Iceweasel] ready. With the most recent major security flaw in Firefox 3.5 I'd expect Debian to wait until FF 3.5.1 is released before I get to have that even in Experimental, let alone Sid.
Re: (Score:1)
Re: (Score:3, Informative)
Indeed.
Now webkit isnt a porous mass of malware-friendly hooks like you have on windows, it's true. At least not yet. Nonetheless, sometimes it's best just to accept that the fact you *can* do something stupid like make your window manager depend on an unrelated application, that doesnt mean it's actually a good idea.
Re: (Score:2)
So... Webkit renders html as far as I know. So the proposal seems to be to render the entire Gnome gui by feeding html at it. I hope I'm wrong, because if that is correct then it would be a really goofy way of going about things.
Re: (Score:3, Informative)
So... Webkit renders html as far as I know. So the proposal seems to be to render the entire Gnome gui by feeding html at it. I hope I'm wrong, because if that is correct then it would be a really goofy way of going about things.
You're wrong, don't worry.
A window manager pretty much manages the window decorations (title bar, borders, et cetera) and window actions (close, maximize, resize, move, roll-up, sticky, always on top, always on bottom, et cetera).
Metacity is a window manager and nothing else. It doesn't handle what is in the windows themselves.
Oh, and their only proposing to use CSS. No HTML.
Re: (Score:2, Interesting)
Yes, yes it is. And a lot of vocal people whinge about how removing IE doesn't remove Trident, which shouldn't be part of the OS, because god dammit, people MUST BE ABLE TO CHOOSE, and now you're not letting me choose not to have WebKit, because my 2 user fork of Gecko is better because it lets me do X, Y and Z.
Sounds like a double standard to me. Either integrating the HTML engine with the window manager is bad (Trident/Windows) or it's good (WebKit/Mutter). It's not both at the same time because you want
Re: (Score:2)
This article is talking about using WebKit, a rendering engine as a themeing system in Mutter. While using Trident to render themes in Windows Explorer would certainly bring out some cheap laughs at IE's expense, security is not really the predominant concern.
Re: (Score:2)
What's wrong with two-user forks? I have a bunch of one and a couple of two user forks on my computer. Isn't that what free software's about?
Re: (Score:2)
Either integrating the HTML engine with the window manager is bad (Trident/Windows) or it's good (WebKit/Mutter). It's not both at the same time because you want to be an individual and hate Microsoft, just like everyone else does.
The specific problem with Windows Explorer was that it rendered local HTML content at a higher security level than web content. Which lead to fun exploits because someone selected an icon.
And certainly there was a feeling that Microsoft wasn't playing fair, but that was more about threating Compaq and others in their "trust". Had Trident been integrated with some sense of security, it probably wouldn't have been a technical issue per-se.
Re: (Score:2)
Right, and as individuals we all voted years ago speak as one unified voice which never contradicts itself. I apologize on behalf of the FOSS collective. Your suggestions will be assimilateda dnd add
I see pro's, but no con's (Score:1, Insightful)
Re: (Score:3, Funny)
Indeed, nothing says UNIX like a binary format.
No problem.. (Score:3, Interesting)
Re:Something compiled? (Score:5, Interesting)
I have no idea why you're modded insightful. I'm tempted to mod you down, but I'll reply, instead:
I know its fashionable these days to do everything over HTTP and inside a browser but it's just a fad.
Yeah, the Web is "just a fad". OK, I'll get off your lawn.
Oh, and what does HTTP have to do with this? Or a browser? This is just a rendering engine, nor is it the first app to do this -- Firefox itself does its UI in XUL, as does Thunderbird, Songbird, and several other apps.
Everybody knows it sucks from a design / efficiency point of view
Design, you may have a point. I'd be interested to hear it.
Efficiency is actually getting quite good, especially for what this is.
I'm not going to waste my time writing a detailed rant about why you shouldn't use a freaking browser rendering engine to draw your GUI for you because thanks to the openness of Linux I will just be able to load one of 10's of other, infinitely faster window managers.
Good. But if you'd written a longer rant, there might actually be more to discuss.
But let's go back to your original point:
Would it not be better to use a compiled, binary version of CSS for this sort of thing to reduce the overhead.
So... Why would we want to use a "compiled, binary" version of anything we don't have to? Your startup scripts are in Bash. If you're on Ubuntu, a fair amount of your upgrade scripts are in Python.
For efficiency's sake, you say. Ok, but why would you want it stored that way? Web browsers are proof that it really doesn't take that long to parse CSS, HTML, and Javascript. There's no reason the runtime can't store them in some binary/bytecode format, but why would you complicate the on-disk format?
For space? Those things compress well. And again, browsers are proof that compression is fast enough for people to not notice or care.
For boot time? Again, browsers prove that's kind of a non-issue -- most websites I view are massively more complex than some borders around a window. Turn on Flashblock, and tell me you wouldn't love for a computer to boot as fast as a typical website loads.
Now, I understand where you're coming from. I used Fluxbox for a long time. Then I realized that KDE4 loads in about two seconds on my machine, and zero seconds vs two seconds to load a GUI isn't enough of a difference for me to care, considering the functionality I get out of it. (Actually, I realized this with KDE3...)
And as for the functionality, I don't know the first thing about skinning a window manager. I do, however, know how to build HTML and CSS. So, me suddenly knowing how to build themes, easily, I call that a useful feature.
Re: (Score:2)
Web browsers are proof that it really doesn't take that long to parse CSS, HTML, and Javascript.
Web browsers are proof that CSS, HTML and Javascript based interfaces are really sluggish and memory hungry compared to interfaces coded with native frameworks.
Re: (Score:2)
Turn off Flash and see if it doesn't get a lot faster.
As for your claim, I'm going to shrug and say both that they're fast enough, and that we're talking about a fairly small piece of chrome. I don't know that anyone suggested building the entire UI that way -- although when it's happened, you end up with something that runs on netbooks [blogspot.com].
Re:Something compiled? (Score:4, Interesting)
Are you... FUKING MAD?
I'm sane enough to know how to spell 'fucking'.
A whole desktop using a HTML engine to render the entire desktop?
I don't know that I suggested that. Doesn't have to be pure HTML, nor did anyone suggest that it be the entire desktop. Oh, and the original proposal was apparently for CSS and XML -- so more like XUL.
Are you using Firefox? Its entire UI is done in XUL, and rendered by Gecko.
You know the nigthmare to create and respond to events using html and javascript?
It's actually like some beautiful dream...
Ok, yes, could be better. Has also been beaten into submission by frameworks. I can create and respond to an event nearly with a one-liner -- and I'm doing it not just with callbacks, but with callbacks that are also closures. Javascript is actually a good language -- I am not insane, I'm not being sarcastic, and if you really disagree, I suspect you don't know it very well.
And the ridiculous performance against a normal window manager like KDE or the actual GNOME?
KDE4 already uses Ecmascript (Javascript) for a few things. I wouldn't be surprised to find HTML and Webkit in there somewhere.
And for what it's worth, browser speeds are actually to the point where they occasionally double between releases. The fact that you think this would be slow mostly means you've dealt with slow, unoptimized implementations.
Or, in other words: Have you seen Chrome?
You maybe like to use a US$2000 machine to simply get the GUI usable
Actually, the machine cost more, but it does hell of a lot more than "simply get the GUI usable". KDE4 also runs on a five year old machine -- not particularly fast, but works fine, and better than the XP that was there.
Re: (Score:1)
Re: (Score:2)
Then create a web like experience on the desktop... What are you going to lose? You might have to create a new tag for application space like current window managers have (or use Object tags?), but otherwise the framework is there. Links to your favorite applications in a menu along the top, side, or bottom of the "page" with the ability to do a search of your hard drive as if it were a site on the web.
As far as applications running in the background, Google has proven that you can run IM in the browser
Re: (Score:1)
Or, into another terms: Why you will use 300MB for your super-duper html/css/ajax/etc based desktop if a simmilar using C or C++ uses only 50MB to do the same job and faster? Got it?
I will not use so much memory to the job only "because RAM is now cheap!".
Re: (Score:1)
Re: (Score:1)
Re: (Score:1)
Re: (Score:2)
Are you... FUKING MAD? A whole desktop using a HTML engine to render the entire desktop? You know the nigthmare to create and respond to events using html and javascript? And the ridiculous performance against a normal window manager like KDE or the actual GNOME?
Sorry to burst your bubble, but KDE 3 has a fully functional Active Desktop clone. KDE4 has HTML+Javascript desktop applets. Its entire help system uses HTML, Qt4 uses CSS internally, the list goes on and on and on. Are you "fuking" retarded?
Re:Something compiled? (Score:4, Funny)
unless you are an expensive coffee drinking,
You.
iPhone toting
In.
meeja student
Sensitive.
with messy hair
Clod!
who lives in a big city
Oh, nevermind.
Re: (Score:1)
If efficiency is what's you are concerned about then why not move X, Metacity and Webkit to kernel space? that would sure save us the overhead of switching from user mode to kernel mode! /sarcasm
Re: (Score:2)
http://www.joelonsoftware.com/articles/fog0000000020.html [joelonsoftware.com]
If you want a desktop that does nothing then that's fine by the rest of us.
No problem (Score:5, Funny)
As long as it keeps my desktop active, like some sort of active desktop, then it's all good.
No more CSS (Score:5, Interesting)
CSS was intended to let designers seperate from function from form - how is that lacking in current themeing environments? The linked blog contains a laundry list of features that are in CSS that are not applicable to desktop themes and features that are not in CSS that are necessary for desktop themes. What I don't see is a list of features that CSS brings to desktop themes that are impractical in existing systems.
Let's see: a system that barely works on its intended platform that contains functionality not applicable to the new, suggested platform and is missing functionality necessary on the new, suggested platform. Gee, sounds like the right technology for the job!
Re: (Score:2)
It's a pity that your post is so far down the list.
Re: (Score:1)
Wow, the government is getting more and more involved in open source every day
Re: (Score:2)
Person B: I've seen this really cool square peg someone made!
WTF? No more CSS? (Score:5, Informative)
I'm not sure I understand how you start by saying that CSS barely works for the target environment - BILLIONS of web pages are served every day in a (relatively) cross-platform fashion.
Many of these are rather good looking, too.
So I'd have to argue that CSS doesn't work. The areas where CSS is weak consist primarily of CSS specs that have NOT been implemented (*ahem* IE) or implemented in a bone-headed way (*ahem* IE) not in areas of weakness within the CSS spec itself.
Perhaps the most amazing thing about CSS is how trouble-free its implementation has been, and just how smooth the transition actually has been.
Old stuff still basically works, new stuff just basically works better.
But while we're at it, we should also pay homage to KDE, Konqueror, and its many progeny. KDE begat Konqueror. Konqueror begat Webkit, which has begat (among too many other web-like to mention) Chrome/Chromium and Safari. And just about everybody who has worked on or with Webkit has raved about its clean design and crisp implementation.
So, we must give kudos to the excellent KDE team who has produced a product that is just now starting to give Mozilla / IE a run for their money, without all the funding by AOL for all those years.
Good job, KDE team!
Re: (Score:2)
Re:WTF? No more CSS? (Score:4, Insightful)
Try using CSS for a while, and you'll see that its creators left out some frankly baffling features, such as the ability to center an element.
The 3 major implementations (Mozilla, WebKit, and IE) all had major differences in their first versions (with none of them implementing the spec properly!)
Other features that (dead tree) page designers would find extremely common were left out as well (hyphenation and columns being my biggest personal pet peeves)
Currently, there's a big push to do applications and graphics using CSS and Javascript, which have resulted in WebKit and Mozilla adopting a set of proprietary CSS attributes that aren't part of the standard.
Don't get me wrong -- style sheets were an absolute godsend to web development. However, both the standard (and the implementation of that standard) are crap. Metacity would be much better off taking NeXT/Apple route, and using a PDF/PostScript derivative.
Re: (Score:2)
Don't forget the inability to do simple math (like center+10px, bottom-50px). How are you supposed to separate style from content when you need blank divs to simulate space calculations?
Re: (Score:2)
Actually, I'll mildly disagree with you on this one: It *would* be nice for CSS to be able to do simple math, although JavaScript is perfectly adequate for the task.
Of course, JavaScript has more than a few of its own irritating deficiencies, although JQuery [jquery.com] makes the language considerably more tolerable, and makes CSS manipulation a breeze. JQuery should have been part of JavaScript from the start!
Re: (Score:2)
You need to do the math in CSS because CSS knows how big a "em" is at runtime, and Javascript doesn't.
Take an example where you want a box to be "5em + 10px" tall. How could you do that in Javascript? (I guess you could set it to just 5em and then use JS to determine it's existing pixel size, then add 10px, then re-set the style, but man-- talk about a hack! And it wouldn't work when the user resized the font, unless they also reloaded the page.)
Re: (Score:1)
I'm a little out of practice with CSS so I may be missing something obvious, but is there some reason you can't do something like align: center, padding-left:10px to create the same effect as center+10px?
Re: (Score:2)
Try using CSS for a while, and you'll see that its creators left out some frankly baffling features, such as the ability to center an element.
You mean, like margin-left: auto; margin-right: auto;? Or text-align: center?
I agree that CSS has some startling issues, but this isn't one of them.
Re: (Score:1)
Sure, it can be done, but it's not very logical.
Re: (Score:1)
Re: (Score:1)
text-align: center doesn't work on block-level elements.
.outer { text-align: center } .outer > .inner { display: inline-block }
There. Now it does.
Re: (Score:1, Insightful)
I'm not sure I understand how you start by saying that CSS barely works for the target environment
Just look at what you have to do to make rounded corners. (This seems especially relevant for WMs :) )
Re: (Score:2)
I'm not sure I understand how you start by saying that CSS barely works for the target environment - BILLIONS of web pages are served every day in a (relatively) cross-platform fashion.
That doesn't mean it doesn't "barely work." Hell, CSS doesn't have variables, it can't do math, it took until version 3 to get extremely basic, obvious features like columns... it's god-awful. "Barely works" is appropriate in my opinion.
So I'd have to argue that CSS doesn't work. The areas where CSS is weak consist primarily
Developers use APIs usually... (Score:1)
With all this pissing and moaning about Webkit vulnerabilities and whatever, you are forgetting that there almost certainly will be an API which goes between webkit and the the WM (and possibly more APIs on top of that!) which not only makes interfacing with the WM and the rendering engine easier but it also should restrict the amount of stupid things that you can do!... or rather the amount of things that malicious code can do.
Ah... I forgot. Everybody on Slashdot codes in binary (and the noobs use assembl
Re: (Score:1)
True story - you aren't far off the truth (Score:2)
It's said that when they gave their first presentation in London, most people present knew nothing about computers and
Re: (Score:1)
Power and future-proofing? (Score:1, Insightful)
Maybe I'm old-fashioned, but I'm not really seeing why we need so much power or future-proofing in a window manager. The window manager is responsible for... what, drawing title bars and window frames? Can someone explain to me what part of that needs future-proofing or would benefit in any way from an HTML rendering engine? It's not that I disagree, I hones
Re: (Score:2)
Re: (Score:1, Insightful)
Maybe I'm old-fashioned, but I'm not really seeing why we need so much power or future-proofing in a window manager. The window manager is responsible for... what, drawing title bars and window frames? Can someone explain to me what part of that needs future-proofing or would benefit in any way from an HTML rendering engine? It's not that I disagree, I honestly don't see the purpose or logic at all. I mean, if the GNOME guys decided to replace Gtk+ with WebKit... well, I think it'd be a lousy idea, but I could see the reasoning. This just completely baffles me. It's like if I suggested replacing a bookshelf with a refrigerator. OK, I guess you can put books in a refrigerator if you want; it does have shelves. And I suppose if you happened to have some books which needed to be kept cold, well, that'd be a big plus. Maybe putting an old book in the vegetable crisper would keep it in better condition longer.
But seriously, I'm not sure I've ever seen such a shining example of a solution looking for a problem.
I think the future they're proofing against is people adding arbitrary widgets to everything and then wanting them to inherit properties from the general theme.
Re: (Score:2, Insightful)
Just a random thought off the top of my head, but would using css potentially help with technologies such as screen readers for the blind? Also, as you could have named areas, does it open up areas which can be set as preferences, for instance deciding that you prefer to have menus always at the top of the screen.
Just my 1p
"It's a rendering engine" (Score:2)
There are a whole lot of rendering engines out there, why choose one with an HTML API?
As a hypothetical alternative, OpenGL is also a perfectly good rendering engine, why not use it? It is just as ubiquitous, it supports every conceivable rendering operation one would ever want to perform. Nothing can touch it in the efficiency department. There are OpenGL bindings for many languages. There's even the new javascript OpenGL binding.
If I was going to choose a rendering engine, I would look first at its AP
Re: (Score:2)
There are a whole lot of rendering engines out there, why choose one with an HTML API?
Yes, the API seems to me to be give the lie to the idea that WebKit is just a rendering engine, not a browser. If you look at the API [webkitgtk.org], it's very clearly designed to power a browser-style application. If it exposed an API that you could pass a DOM tree and a list of CSS styles, and get back a pixmap rendering, that might not be a bad backend for a theming system. But WebKit doesn't expose that low-level API, rather, its API is based around loading whole HTML pages.
Re: (Score:2)
Would it really be so difficult to add the ability to pass it a DOM tree?
Unprecedented? Please. (Score:1)
would allow Mutter to have unprecedented power,
Unprecedented? It's not as if Windows didn't integrate the browser/rendering engine into Active Desktop, back in what, 1995? And surely Symphony OS never implemented a gecko-based desktop manager.
Re: (Score:3, Insightful)
Active Desktop was part of or released with IE4, probably in mid-97. Too bad it sucked system resources so hard and was so unstable
Re: (Score:2)
And since Microsoft already tried it and failed, all other attempts should be squashed... because Microsoft is the epitome of efficiency and speed and therefore cannot be beat!
KDE already depends on WebKit. (Score:2)
WebKit ships with QT. KDE depends on QT.
It's time for another Good Idea/Bad Idea... (Score:2)
Implementing this by shoehorning an entire Web rendering engine into a window manager is not a good idea. By definition it means including a huge amount of unrelated and unneeded functionality, any or all of which could contain bugs. Witness the lessons of Display PostScript in NeXTStep, which introduced security problems due in no small part to including far more than was needed for t
Re: (Score:1)