"Sloane, Brandon" <bslo...@owlcyberdefense.com> writes:

> I'm not sure how the pop-os/cosmic-comp PR is relevent. It seems to be about 
> exposing cosmic-comp as a library in general. While potentially useful, 
> several other compositors have been doing that for a while, and it doesn't 
> seem inform security decisions.

Yeah, I guess it's not explained very much on the PR — the idea is that
the library interface will expose hooks that are designed to allow an
application that's just a very small wrapper around the full compositor
implementation in the library to take over certain things, such as in
this case doing a permission check of its choice before telling the
compositor whether to proceed with something — something always on my
mind is controlling access to the clipboard, for example.

Attachment: signature.asc
Description: PGP signature

Reply via email to