Yichao Yu <yyc1992@...> writes: > On Mon, Apr 15, 2013 at 3:45 AM, Pekka Paalanen <ppaalanen@...> wrote: > > Allowing command line utilities the access to clipboard contents (or > > to take screenshots, equivalently), is a problem. Enabling them enables > > all spy programs, too. I'm not sure we can both enable them and stay > > Why does a spy program have to steal sth from your clipboard while it > can easily send out your whole $HOME Because it's confined by a MAC, or running as another user and your $HOME is o-rx?
[...] > > An optional protocol extension must be the starting point for any > > proposals like this one. Let's keep the system secure by default, but > > If you trust a program and run it, why should you implement a security > layer where there is nothing much to protect. It might get subverted, and you'd rather limit the damage it can cause when it is. PDF viewers, web browsers, and media players have significant attack surfaces. Trusting all your clients as much as you trust the server is valid for at least one use-case, but not necessarily for all of them. _______________________________________________ wayland-devel mailing list wayland-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/wayland-devel
