https://bugs.kde.org/show_bug.cgi?id=479184
Nate Graham <n...@kde.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEEDSINFO                   |REPORTED
         Resolution|WAITINGFORINFO              |---

--- Comment #3 from Nate Graham <n...@kde.org> ---
In the past we had Spectacle going through the screenshot portal but the UX was awful:
1. Launch Spectacle
2. Click one of the "Take a screenshot" buttons
3. Get prompted by the portal to allow this, and also to select what kind of screenshot you want all over again

It was terrible, especially for the case of launching Spectacle via a global shortcut to take a screenshot quickly. The UX was simply unacceptable for an app whose only purpose is to take screenshots. It's for that reason that Spectacle currently uses a private protocol to talk to KWin.

Now, I would like it to eventually be ported back to use the portalized screenshot system, but only once we can ensure an adequate UX that doesn't prompt the user to confirm doing what they just explicitly said they want to do. As a result no actual security would be gained by this as Spectacle would either be whitelisted by the system, or allowed once by the user with that permission being remembered over time.

Now, I do get your point that the existence of the command-line interface for spectacle means that any app with access to run shell commands can secretly take screenshots without the user's permission. That's true, and it's a theoretical security risk. However the interface is also useful for users automating their own workflows. We can't prevent the users from doing something useful simply because it *could* be abused. This would be like nailing someone's windows shut to protect against the threat of someone nefarious climbing into an open window. That's not real security.

As such I'm quite dubious about this suggestion. If your threat model involves untrustworthy local software having shell access, you have already lost the battle.

But I'll let Noah the maintainer decide what to do from here.