Pointer grabs causing accessibility issues! Why not deprecate them?
Eamon Walsh
ewalsh at tycho.nsa.gov
Tue Apr 29 18:43:57 PDT 2008
Daniel Stone wrote:
> On Tue, Apr 29, 2008 at 12:07:19PM -0700, Carl Worth wrote:
>
>> As for application development, many of these are implicit, in that
>> the toolkit does them on behalf of the application, (which merely asks
>> for a menu or whatever, and doesn't often explicitly say "please grab
>> the pointer").
>>
>
> ... unless it's a security-sensitive app like PolicyKit, which
> explicitly says 'please do not let anyone else get any kind of access to
> input, because I'm a special case application'. Hence not letting
> anyone else get any kind of access to input is kind of a feature, in
> terms of actually being protocol-compliant, and respecting the
> application's wishes.
>
Except XQueryKeymap and XQueryPointer allow complete recovery of the
input regardless of grabs. Are the PolicyKit people aware of this?
> If we need a protocol for ordered-priority grabs, then yes, let's get
> that sorted (it's on my ever-expanding Xi 2 list: replace grabs with a
> priority at event selection, and max priority = grab, whereas the rest
> is descending). At this point, you can get the security boffins
> together, and they can bang heads and agree on a happy protocol for
> ensuring the integrity of this, such as having whatever Eamon's
> extension is called this week verify that anything grabbing at such
> a high level _is_ actually an input method.
>
Honestly I'm increasingly convinced that MPX is the best way to solve
this problem, and related problems such as separating input by security
level.
Create a new virtual mouse/keyboard that no one else can see and use to
it to get the password.
--
Eamon Walsh <ewalsh at tycho.nsa.gov>
National Security Agency
More information about the xorg
mailing list