Pointer grabs causing accessibility issues! Why not deprecate them?
mailinglists at who-t.net
Wed Apr 30 20:44:35 PDT 2008
Eamon Walsh wrote:
> Francesco Fumanti wrote:
>>> Honestly I'm increasingly convinced that MPX is the best way to solve
>>> this problem, and related problems such as separating input by security
>>> Create a new virtual mouse/keyboard that no one else can see and use to
>>> it to get the password.
>> Wikipedia just informed me that MPX stands for Multi-Pointer X Server. ;-)
>> But how does it solve the pointer grabbing issue: could an application
>> not simply grab the events of all pointers and keyboards?
> This can be controlled through security policy or an extension. Devices
> are referenced by number in protocol requests and the device lookup
> function does a permission check. MPX has some built-in access
> controls. There's almost certainly work to be done but the concept of a
> private device (that could still be seen by input helpers) seems not too
> far-fetched. Under this scenario the password dialog would not need to
> perform a grab.
MPX access control is _NOT_ a security feature*. It's a GUI feature to
avoid events being sent to specific elements.
When you have N users clicking on the same UI at the same time, it can
be helpful to say "button X only responds to user X". MPX allows do to
this simply, but that's about it. Events still get sent, albeit to
different windows and/or clients.
* I don't see why it couldn't be made into one, but I'm not a security
guy. Feel free to look at it and help me improve it.
More information about the xorg