Global shortkeys and keyboard focus

Jasper St. Pierre jstpierre at mecheye.net
Fri Jul 4 08:05:04 PDT 2014


I think the user should be in control here. I have a custom setup just
because it's something I did 10 years ago and it's engrained into my muscle
memory.

Ctrl+Shift+X is "pause/play music"
Ctrl+Shift+C is "play music" (which also means rewinding the current track
to the beginning)
Ctrl+Shift+D is "next track"
Ctrl+Shift+Alt+D is "previous track"

I understand this is a custom setup, so I'm OK with going to the Control
Panel and explicitly marking that these shortcuts do these features in my
media player.

The rest of everything is just UI. How do you expose these actions to the
user and allow them to set up global shortcuts for it? OS X makes you type
some complicated path to the menu item to trigger:
http://support.apple.com/kb/ph6889

With DBus and the new Actions available inside applications [0] , maybe we
can build a UI to allow you to hook up keyboard shortcuts to application
actions, or to shell commands, or whatever.

I don't ever want an application to be able to request a global shortcut
without my permission, and I speak as both a user and a DE developer here.
That's a support and security nightmare.

The settings you create might be DE-specific, because certain DEs might
have different features and limitations about global keyboard shortcuts.

I don't think there's any need for a Wayland protocol here. Just UI and
design.

[0]
http://standards.freedesktop.org/desktop-entry-spec/desktop-entry-spec-latest.html#extra-actions


On Fri, Jul 4, 2014 at 10:58 AM, Michael Schellenberger Costa <
schellenberger at inb.uni-luebeck.de> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Am 04/07/2014 16:04, schrieb Dodier-Lazaro, Steve:
> > Hi Michael,
> >
> >> Is there any reason global shortcuts should lie with an
> >> application? Wouldn't it make more sense to provide an interface
> >> on the compositor side, where clients can register a global
> >> shortcut and the compositor sends an event back in case of the
> >> shortcut being pressed.
> >>
> >> In that case the compositor could follow predefined rules
> >> switching focus etc.
> >
> > The problem is: what are the allowed global shortcuts leaking about
> > users?
> >
> > If it's any key that can be listened to, then we've just gotten
> > ourselves an API for implementing keyloggers.
> >
> > If it's any key + some modifier (Ctrl, Alt, etc) then we need to
> > see DE by DE what listening to all available key combinations lets
> > me learn about the user:
>
> I did not meant it in the way of a client listening to keys, but to
> events sent from the compositor. In no way an application should be
> allowed to listen to certain key combinations without focus.
>
> I thought more about a compositor plugin an application can register
> to (Authenticated through user) and only if the user allowed the
> application to receive a special shortcut, then the compositor sends
> an *event* to the application if that and only that shortcut was used.
> So the compositor acts as a middleman denieing some rogue application
> to listen to ctrl+c
>
> Best wishes
>
> >
> > - Can I listen to Alt+Tab or to the shortcut used to maximise
> > windows? If so can I learn the window layout of the user (or at
> > least whether a window is being displayed or not)? For instance
> > Martin proposed to use an "Expose" like view of the desktop as a
> > background for modal authentication dialogs, so that the user knows
> > it's a compositor (that is capable of moving windows around) that
> > is asking for your password. If I know that no windows are being
> > displayed because the user hasn't Alt+Tab'd for a while and just
> > Alt+F4'd then I can spoof that UI directly and steal your
> > password.
> >
> > - Can I learn if you're playing music? If you're browsing the Web?
> > If you're typing some document? Is that information alone useful to
> > profile your activities?
> >
> > - Can listening to Ctrl+C allow me to know when you're using the
> > clipboard despite it being a privileged interface? If I'm sniffing
> > your network traffic I may know that you've just landed on a site's
> > authentication page, and you're using the clipboard. You're
> > probably one of those users who have a password file that they use
> > to copy credentials from. I may now serve you an exploit on the
> > clipboard API or an exploit allowing me to scan your FS as I know
> > there's something that can be monetized.
> >
> > Generally speaking, there'll always be someone smarter and more
> > motivated than us to figure out how to build composite attacks from
> > seemingly innocuous APIs. So I'd rather lock down what is not
> > strictly necessary. How many apps need global shortcuts other than
> > the ones that have a semantic attached to them? How are the GUIs
> > for handling custom global shortcuts and Preferred handlers for
> > those semantic keys not enough?
> >
> > If we can cater for all common needs without exposing all your
> > keyboard shortcuts to potential malware, then we've done a great
> > job.
> >
> > Regards, -- Steve Dodier-Lazaro PhD student in Information
> > Security University College London Dept. of Computer Science Malet
> > Place Engineering, 6.07 Gower Street, London WC1E 6BT OpenPGP :
> > 1B6B1670
> >
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.22 (MingW32)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQEcBAEBAgAGBQJTtsEtAAoJECfkpCAi2eFKzFcIAKkKdUIAlbZ9MK7bjxsLllob
> EpsJgoS35PlcOvSPQj7Qnvzcx+B059pt9OAhknt8TID28l/M6S8pdGrKwAJ66mo8
> g2bHkiVYckR1viJ5EAv5ECyYNdF8hdmiWOQmGN0sJgtBcUhkqXK8drF1EwSevrtm
> faD/8srG8YYIj6Ke2X7O7FldosIv/Rc/V+V2fMEAJ3yx8O5QUDOUTgcy1cnDF4XE
> rKHAkqiOJhhstcxInGYSDR1/DxNY3nY4QXU8odUbWmJs1hdjL5LC7T6pRmi9oVFI
> ciekFyVOiNuAOhxhSBIQzKOfeFxKoMtN/ZVEsxmSHuT7NAGMqO5vCSC3aTj4MVw=
> =QvR2
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> wayland-devel mailing list
> wayland-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/wayland-devel
>
>


-- 
  Jasper
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/wayland-devel/attachments/20140704/857526fd/attachment.html>


More information about the wayland-devel mailing list