by eropple 3058 days ago
A desktop application has need to instruct the OS to draw its window. That can be reasonably unprivileged--an app owns its windows, this is easy. Most applications have no need to read raster data from their own windows. Even fewer have need to read raster data from the desktop itself.

Desktop applications are not "meant to" have access they don't need. They sometimes have that access as an accident of history, but they are not "meant to"; we've known about the principle of least privilege for a long time. And the MacOS sandbox (which, to be honest, doesn't work very well, but that's neither here nor there) is intended to enforce application privileges and reduce escalation.