I dislike the whole "Pop out the system settings dialog and enable things for the application" approach. It throws users into what is likely unfamiliar territory, which just obfuscates things further.
I think a list of permissions with detailed explanations as to what they mean, and a Yes button, is a better approach.
Although there needs to be an option to disable or even mock certain permissions.
Agreed. Especially since there is no explanation why the permission is needed and what it does in detail. I am a very experienced Windows dev but on my MacBook I have no idea what the exact implications are when an app requires access to “accessibility”. I am pretty sure the regular user doesn’t even have the foggiest idea but just does what he is told to do to make the app work.
There is also no log what tells how the app uses the permission. It would be nice if there was a log of each use of the granted permission.
The rule of thumb I would use for an “accessibility” permission is: if the application’s purpose is specifically for disabled people (like a screen reader or magnifier for blind people), and you are disabled, then you should choose Yes. In all other cases always click No. Accessibility tends to be a “back door” permission that allows apps to do all sorts of powerful things they shouldn’t, like read the contents of everything you type and scrape the screen. “Normal” apps should never ask for accessibility. If they are, their developer is likely up to no good.
Dropbox, for example, was recently in the news for silently granting itself accessibility permission, and Apple had to update the OS to prevent them from doing it. They still beg users to grant them this, even lying (EDIT: misleading users) on their web page about the purpose of the permission [1].
I have had several legitimate apps asking for accessibility permissions. I guess it comes down to the fact that permissions are not fine grained and specific enough. Same on android and iOS.
Accessibility permissions allow you to do a lot of really great stuff with Apple Events that is otherwise just completely impossible. I use it very heavily on my own machine.
It's certainly a powerful ability, and I can completely understand not wanting to grant it, but realize that the need is legitimate (and non-malicious) in a lot of cases.
This does not really work for things like tiling window managers on macOS—are you suggesting developers of such tools are up to no good, or are such system-control tools not fitting “normal”?
If it can’t be done with non-a11y APIs then it doesn’t fit the definition of “things Apple thinks normal app should do,” whether we agree with that or not. The way I see it, and I know it’s a controversial view, if a developer is ok with flaunting the platforms rules about the purpose of an API[1], then what other behavior might they be ok with?
1: The first sentence in Apple’s accessibility API docs[2] is: “Accessible apps help users with disabilities access information and information technology.“ I think they are very clear about the purpose of these, and it’s not “to do cool innovative things missing from the regular API”.
Contrary to ryandrake's rule of thumb, window managers are accessibility tools. You could argue that there should be a distinction between accessibility-tools-for-disabled-people and accessibility-tools-that-are-useful-to-everyone, but I'm not convinced such a distiction is useful, especially since Apple would likely try to subvert and destroy the accessibility-tools-that-are-useful-to-everyone, since those conflict with their user-hostile UI design, as https://news.ycombinator.com/item?id=21828816 alludes to with:
> I think they are very clear about the purpose of these, and it's not "to do cool innovative things missing from the regular API".
I think a list of permissions with detailed explanations as to what they mean, and a Yes button, is a better approach.
Although there needs to be an option to disable or even mock certain permissions.