Having just read this, I'm saddened that this is still the state of alternative input devices on Linux.
-
@fireborn @matt We've got a permission system: portals.
However this permission is so so dangerous that we shouldn't let arbitrary apps even ask for it. People tend to click "yes" through prompts. Your web browser should never prompt for AT-level access to the system. Thus we've been avoiding designing "especially dangerous" portals, like what an Accessibility portal would be.
However we now have "entitlements", which I proposed partly for the accessibility purpose. (1/2)
@fireborn @matt with entitlements, apps have to declare what portals they will attempt to ask for. This way accessibility tools have to be labeled with an entitlement before they can ask for such a dangerous permission.
Then the app store has the ability to review if the entitlement makes sense. A web browser that tries to claim that it's an accessibility tool will be against app store policy and will not be published.
Thus: we make it safe to have a hyper-privileged accessibility API (2/2)
-
@fireborn @matt We've got a permission system: portals.
However this permission is so so dangerous that we shouldn't let arbitrary apps even ask for it. People tend to click "yes" through prompts. Your web browser should never prompt for AT-level access to the system. Thus we've been avoiding designing "especially dangerous" portals, like what an Accessibility portal would be.
However we now have "entitlements", which I proposed partly for the accessibility purpose. (1/2)
@AdrianVovk @matt Ask for, no. But a user should be able to go in and add an app manually, in the case where an app is not distributed via an app store system. Not every app is going to request entitlements properly. Unless the app simply won't launch, then I think there needs to be a way around that.
-
@AdrianVovk @matt Ask for, no. But a user should be able to go in and add an app manually, in the case where an app is not distributed via an app store system. Not every app is going to request entitlements properly. Unless the app simply won't launch, then I think there needs to be a way around that.
-
@AdrianVovk @matt the future is sandboxing however. For security and privacy. I'm inherently in support of a system like this.
-
@AdrianVovk @matt the future is sandboxing however. For security and privacy. I'm inherently in support of a system like this.
@fireborn @AdrianVovk I'm not sure that it's possible to meaningfully sandbox assistive technologies. But I do think it's important to prevent arbitrary applications from claiming the privileges of assistive technologies.
-
@fireborn @AdrianVovk I'm not sure that it's possible to meaningfully sandbox assistive technologies. But I do think it's important to prevent arbitrary applications from claiming the privileges of assistive technologies.
@matt @AdrianVovk I don't think anyone is saying we should sandbox assistive technologies, just that applications shouldn't be able to arbitrarily access the things that assistive technologies need to function.
-
R relay@relay.mycrowd.ca shared this topic
