Open Radar

 
Summary:
CGWindowListCopyWindowInfo() fails (returns nil) in any sandboxed app that has been launched by calling  SMLoginItemSetEnabled(YES);

Steps to Reproduce:

(See attachment for Xcode project that reproduces bug)
1. Create a sandboxed front end application
2. Create a sandboxed back end application
3. Build it so backend application is copied into the front end app's bundle, and is launched by a call to SMLoginItemSetEnabled().
4. Have the backend application call CGWindowListCopyWindowInfo(), or any of the CGWindowList* functions.

Expected Results:

Either one of two things:
1. CGWindowListCopyWindowInfo() would succeed with the list of windows.
2. sandboxd daemon would log an error stating that it was denied, or some kind of error from someone would be logged into the Console so it would be clear why it is failing.

Also, I expected this behavior, if it is intentional, to be documented in Apple's docs.

Actual Results:

CGWindowListCopyWindowInfo() returns nil, which according to the only documentation I could find (in the headers), means "the caller is not running within a Quartz GUI session or the window server is disabled." However, the app is able to present UI and everything, so neither of these conditions appear not to be the case.

Regression:

If the backend is not sandboxed, or if it is launched by another means other than SMLoginItemSetEnabled(), then CGWindowListCopyWindowInfo() works fine. It ONLY fails if it is both sandboxed AND launched by SMLoginItemSetEnabled().

Notes:

This is preventing my shipping app from being sandboxed. It is also not clear to me if this is a bug or desired behavior. If it is intended behavior, then this bug report is for documenting the behavior somewhere, and adding an entitlement (or another way) to have CGWindowListCopyWindowInfo() succeeded in these circumstances.