On Fri, Mar 07, 2008 at 09:55:44AM -0800, Mahmood Ali - Sun Microsystems wrote: > Would this conform to trusted path requirement and if not can someone > please define trusted path in layman terms ;-)
Evidently the architecture of a11y has to be taken into consideration. The screen lock program must use gtk (although parts of the a11y API appear to be toolkit-agnostic, my guess is that it still has to use gtk for the full range of a11y features), and my guess is that at-spi-registryd has to be in the trusted path also. The window manager has to be in the trusted path too, no? At least that's what I think given these diagrams: http://developer.gnome.org/projects/gap/guide/gad/images/GNOME_desktop_Accessibility.png http://developer.gnome.org/projects/gap/tech-docs/SPIBlockDiagram.png Does this: http://live.gnome.org/Accessibility/GetInvolved#head-2297791c0bbb015f9466b269fa1da9ada6a8deac help or hinder? Anyways, I think all the parts of the trusted path that are not in the X11 server should run on the same system, and then we can leverage privileges and X11 extensions to build the trusted path. Nico --
