X Windows System
Any graphical application running under X Windows System (X11) can see what any user is typing in any other application for any user.  For example, if user
userrunning X11 would run
lxsudo -u limited-user some-applicationthat application if compromised could sniff anything that user
useris writing. Including but not limited to any
See the footnote on that page too.
Can apparmor prevent that?
AppArmor prevent access to the the API that
xinput is using for global keyboard sniffing?