On Tue, Sep 15, 2015 at 6:17 PM, Michael Catanzaro <mcatanzaro@xxxxxxxxx> wrote: > I chatted with Alejandro Piñeiro about this today. The at-spi2 socket > is a total sandbox escape: it can be used to inspect the accessibility > tree of arbitrary applications, send them keyboard input, etc. We can't > allow access to it. Also we can't block it, since that breaks a11y. A > design change will be required. It should be considered in tandem with > the problem of supporting a11y under Wayland, since the design problem > there is similar. The basic issue is that Wayland clients have no > access to other Wayland clients (except through clipboard and drag-and > -drop selections), which is a security feature of the Wayland protocol, > but one that breaks much of a11y, gnome-screenshot, etc. a11y needs a > way to give privileged applications such access, while limiting the > access of unprivileged applications. Just as a data point, recent OS X versions have a per-application white list of apps which have access to the a11y APIs while older versions (<= 10.8) had a global switch, see http://mizage.com/help/accessibility.html Rui -- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/desktop
