Trusted by whom?

Is this for applications to be trusted by me that they are secure and don't betray me and protect me and my system?
Or this for the system to be trusted by the application developer to keep me away?

Is this to prevent me from taking screenshots or doing video capture?

It's to implement what the Wayland protocol designers promised way back in the beginning... that cross-desktop protocols for things like screenshot tools would be re-created in the Wayland world by having a method where the risky APIs were only exposed to applications you granted permission to.

...sure took them their sweet time.

It really is. See, I use this other desktop software -- I don't believe I gotta mention its name -- I can help feeling a little envious when I'm reading certain GNOME news these days.

I see GNOME is into the whole child labor thing too

Ownership verification. To see if it trusts itself.

To allow you to take screenshots and doing video capture

Here's what Michael left out:

Taking screenshots or video capture is still use the pipewire and the dbus screencast interface. This Trusted Clients does not change this in fact Trusted Client if it wanted to screenshot or video capture they have to use the same thing as this interface does not in fact give access to compositor output.

This is to allow desktop icons, docker... and so on to be moved out to individual applications outside the main compositor. Of course done this way some random not approved program cannot go and replace the desktop icons, docker... Core wayland really restricts what kind of windows applications can request. This gives trusted applications extra types of windows they can request over and above the base protocol of wayland.

If trusted method does take off between compositors could make those who want to mix and match docker from one solution with the wayland compositor from another and so on happier.

This could be party that libinput telling about lag forces this to be address as well to get stuff out the main compositor loop and into sub programs.

Really good questions.

I wanted to ask the same for the first question!

It wouldn't surprise me at all if we see some crap from Canonical like something wrapped in Snap trusted by default.

Or some internet giants like Netflix does their own app which will be trusted and you, as the user will be untrusted, even though you're the owner of the computer.

I would metaphorically throw my computer out of the window if I'm recording my desktop for some tutorial to show others how to to something and all of a sudden a trusted app opens up and breaks that.

While the computer will be out only metaphorically, the desktop environment who allows this will go to trash bin immediately.

No program on my computer does the "My way or the highway with me" !

In any case high level security on the Linux desktop is nothing more than a complete joke.

Every program is pretty much allowed to do anything, no boundaries, no limits, no permission asking.

I had to put a tape on the webcam because there absolutely nothing to protect my privacy from the programs who want to access it without my permissions.

This "trust everything" is defnitely good, but also making programs trusted by anyone other than the user of the computer.

There's a config option in Gnome and according to its description you can dissallow applications to use the camera. On the other front the 'high level security' means nothing. You can set whatever you want, but you still have to put a tape on your camera when using Windows.

I didn't understand a thing in the article but all this talking about child windows makes me wonder if there's a case for updating the COC regarding the use of the "child" wording

This patch allows to give specific window privileges (like painting the desktop icons, creating docks, or building desktop bars) only to those applications specifically allowed by the user. This is: if the user wants to have icons in the desktop and installs an specific program for that, only THAT program chosen by the user will be allowed to paint the icons (which is an operation that only should be allowed to be done by code trusted by the user) but no others programs, thus ensuring that if, for any reason, there is also a malicious program that tries to fake a desktop and cheat the user, it can't.

Currently only Gnome Shell extensions have those window privileges.

I hope this explains better what this patch is about.