<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hi Mihai,<br>
<br>
<div class="moz-cite-prefix">On 25.09.2018 20:21, Mihai Hanor wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CALv6pCZNi=JWBbsFg8tCqrxm-QLFXTSF3HdWE-_T9+_7yqw2GA@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<div dir="ltr">Hi Klaus,
<div><br>
</div>
<div>When you say that the devs have been working on it, are you
referring to the 5.2.18 release build, the testing builds or
the svn? I've build today a svn on Windows 10 and the Windows
Narrator is not able to read the VM window menu controls. All
I hear for it is "pain"/"main" or something similar, I'm not
sure what it's saying. It's only able to read the VM window
title. The same thing happens with 5.2.18.</div>
</div>
</blockquote>
<br>
The work on accessibility has been during the 5.2 development mainly
(requiring a new approach since Qt5 manages accessibility quite
differently than Qt4). And one of our GUI devs just confirmed that
both Microsoft Narrator and NVDA do a reasonable job with reading
the majority of the manager UI (which has been the topic so far)
from the latest 5.2.19 test build (actually a more recent one which
isn't available publicly, but there were no significant changes in a
while). "Reasonable job" means that they're correctly reading the
text for UI elements where the mouse cursor is hovering.<br>
<br>
So we'd need more details about what aspect of accessibility isn't
behaving adequately.<br>
<br>
<blockquote type="cite"
cite="mid:CALv6pCZNi=JWBbsFg8tCqrxm-QLFXTSF3HdWE-_T9+_7yqw2GA@mail.gmail.com">
<div dir="ltr">
<div>From my perspective (building VirtualBox and crashing
things), the fact that the OS or the debugger are unable to
get a "handle" on the hardened process, it's something
missing. WER just lets the process exit, because it can't
attach to it. Windbg also can't attach to the process. I'm
only able to save a dump when there's no default debugger,
when the OS puts a message box that the process has crashed,
then I start Process Explorer as admin and dump the process. I
haven't found a way to do automatic process memory saving.
That's the experience I remember, because I haven't had a
crash in some time. A build-in crash handler could help users
report crashes, it could be useful.</div>
</div>
</blockquote>
<br>
Debuggers simply have no business in a process doing virtualization
work (just like random, untrusted DLLs which some applications
inject into every executable, some of them totally destroying any
remaining bit of security, interestingly mostly done by apps
promising to increase security). They could corrupt the state of the
VM which can end up trashing kernel memory, i.e. being a security
issue. So this "loss" is entirely intentional (i.e. that the VM
process handle which is passed to other parties is seriously
stripped down). It's a different question what to do for post-mortem
dumping, because at that point the VM is already effectively dead.
But IIRC Windows adds a new thread to it, kind of bringing it
partially back from the dead. Which would again end up being
questionable from the security perspective.<br>
<br>
Klaus<br>
<blockquote type="cite"
cite="mid:CALv6pCZNi=JWBbsFg8tCqrxm-QLFXTSF3HdWE-_T9+_7yqw2GA@mail.gmail.com">
<div dir="ltr">
<div><br>
</div>
<div>Regards,</div>
<div>Mihai</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr">On Tue, Sep 25, 2018 at 8:52 PM Klaus Espenlaub
<<a href="mailto:klaus.espenlaub@oracle.com"
moz-do-not-send="true">klaus.espenlaub@oracle.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF"> Wait... is it really
confirmed that Narrator can't work with (hardened)
VirtualBox either? That would mean our devs must have been
testing the wrong thing for quite a while now. It certainly
hasn't reached my attention so far.<br>
<br>
For many reasons we cannot recommend that random people run
non-hardened builds. What might be a way out (not with the
current builds, they would be affected by hardening) is to
ship an additional compilation of the VM UI which is not
subject to hardening and can be used solely with the
"separate VM/UI process" option which VirtualBox has
already. Would bring some minor feature losses, but if that
would bring back full accessibility I can see a good
justification for spending the necessary time.<br>
<br>
Klaus<br>
<br>
<div class="m_-3599092535668214582moz-cite-prefix">On
25.09.2018 19:26, Mihai Hanor wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Hello,
<div><br>
</div>
<div>I'm not a developer, but I have some experience
with VirtualBox. The reason why not even Microsoft's
narrator is able to work with VirtualBox is the
hardening of the VirtualBox process, which is enforced
to protect the VM from eavesdropping (I think). You
can look at the VirtualBox SDK, but you'll probably
not find what you're looking for. Also, integrating
the NVDA client controller is probably not going to
happen and it doesn't look useful, because it requires
VirtualBox to send stuff to NVDA (by looking at the C
example), which would require considerable effort to
rewrite the GUI. The most achievable task might be to
build VirtualBox OSE for Windows, without hardening. A
much harder task would be to separate the the
frontend/GUI part from the VM process and make the
frontend run in a normal process. In the upcoming
major release of VirtualBox, it looks like the devs
have made a move to separate the VM process, but I'm
don't know to what end. The frontend still runs in a
hardened process.</div>
<div><br>
</div>
<div>Regards,</div>
<div>Mihai Hanor</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr">On Fri, Sep 21, 2018 at 12:30 PM Илья
Пащук <<a href="mailto:ilusha.paschuk@gmail.com"
target="_blank" moz-do-not-send="true">ilusha.paschuk@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">helo.<br>
<br>
<br>
I'm a nvda (<a href="http://nvaccess.org"
rel="noreferrer" target="_blank"
moz-do-not-send="true">nvaccess.org</a>)
screenreader addon developer<br>
<br>
I need the way to get some object text in vbox gui,
that unaccessable by <br>
standard methods.<br>
<br>
are there any api interface to get this info from vbox
gui?<br>
<br>
<br>
i'm using python.</blockquote>
</div>
</blockquote>
</div>
</blockquote>
</div>
</blockquote>
</body>
</html>