top | item 44016960

(no title)

> the real continuing inexcusable outrage is that Windows, even today, grants all applications full access to read the titles of all windows with no way to disable it.

IIUC, X11 had the same problem, but Wayland allows sandboxing to prevent this?

And MacOS has some degree of sandboxing? But many applications require "Accessibility" permission that similarly gives far too many privileges?

discuss

duskwuff|9 months ago

> But many applications require "Accessibility" permission that similarly gives far too many privileges?

I haven't run into too many applications requesting that permission, outside of desktop automation and window management tools (Hammerspoon, Magnet, etc) which need it to do their job.

concerndc1tizen|9 months ago

Yeah, but any application with that privilege can log all keystrokes and upload it to a third party. Obviously this privilege needs to be far more fine grained and have limitations, i.e. registering a hook on particular key combinations, rather than listening on all key events.

NekkoDroid|9 months ago

> IIUC, X11 had the same problem, but Wayland allows sandboxing to prevent this?

Wayland to my knowledge is isolated by default, with non-isolation being opt-in by both compositor and application via FD shenanigans, but don't quote me on the specifics.