[g-a-devel]role type - "password-text"

Hello all,

I could see a role type called "password-text" in
I guess this is used for text widgets that take passwords.

Is this currently used anywhere?
How does AT handle this ?

Please give in your valuable suggestions and opinions


-------- Original Message --------
Subject: RE: hi
Date: Wed, 24 Jul 2002 13:15:29 +0530
From: "Mukund" <mukund rajagopalan wipro com>
To: "Anju" <anju premachandran wipro com>


> There is a role type called "password-text" in
> atk/atk/atk-enum-types.c.Where is this exactly used?Can it cause any
> security loopholes?
	(1) This would be something to *plug* any security hole. AT-s will have
to look at this role and act accordingly. AT-s normally 'read-out' the
text typed for blind users. The fact that you got a distinct role for
passwords (instead of sharing the role of normal text) means that the
AT-s will read "StarStarStarStar" when "ABCD" is typed.
	(2) The above, if right, means that you got to audit, not only the
applications that has password-feature in them, but also the AT-s.
That's because it's not sufficient that the apps set the AtkRole but the
AT-s respect the roles that are set.

	(Disclaimer: All thoughts of mine are a guess and Bill will have to
confirm but this is a good guess :-)


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]