Re: Accessibility penalty?
- Subject: Re: Accessibility penalty?
- From: Guy Fullerton <email@hidden>
- Date: Wed, 30 Jul 2003 11:26:47 -0700
On Tuesday, July 29, 2003, at 11:28 PM, Bill Cheeseman wrote:

> on 03-07-29 9:29 PM, Andrew Taylor at email@hidden wrote:
>
>> Security. The Accessibility API allows programs to control the
>> machine and do anything to another program completely behind the
>> user's back. It is potentially the "back door" that weakens UNIX when
>> remote control of another machine is left unguarded. It is just like
>> putting your valuable data on a machine and turning on guest access
>> on the internet. So Apple turns it off by default (as they should)
>> and requires a real user to turn it on.
>
> On this theory, AppleScript and a whole lot of other built-in utilities
> would also be turned off by default.
AppleScript isn't considered quite the same type of security risk
because app developers get to make the choice of exactly how much (if
any) of their application is scriptable. (The details of how this
choice is made depend on the framework used to build the app, of
course.)

However, Accessibility happens behind the developer's back (for the
standard widgets/controls/views), thereby eliminating the developer's
ability to choose not to support Accessibility for any of their
existing apps. The user cannot be guaranteed that any of their existing
apps offer the correct level of security with respect to the
Accessibility APIs, so therefore Accessibility must be turned off by
default.

If the Accessibility APIs predated Mac OS X (the way AppleScript did),
and if app developers understood and dealt with the implications of the
implicit support via standard widgets, then perhaps Apple could have
turned it on by default in Mac OS X.

I'm not sure what other built-in utilities you are referring to, so I
can't speak to those.