Sandboxing breaks Accessibility (as a means to control other applications)

Originator: peter.maurer
Number: rdar://10961566
Date Originated: 2012-02-01
Status: Open
Resolved:
Product: Mac OS X
Product Version: 10.7+
Classification: Serious Bug
Reproducible: Always

SUMMARY:

Enabling sandboxing makes it impossible to use the accessibility system to get info about windows that don't belong to my own application. The attached sample code tries getting an AXUIElementRef for the frontmost window, for instance.

Being able to interact with other applications' windows is useful for all kinds of utilities, such as window layout managers (e.g., our own manytricks.com/moom), which I don't consider a security risk at all.

The docs have this to say: "With App Sandbox, you can and should enable your app for accessibility, as described in Accessibility Overview. However, you cannot sandbox an assistive app such as a screen reader, and you cannot sandbox an app that controls another app."

So you might consider this expected behavior, but we were specifically told to file a bug illustrating the problem.


STEPS TO REPRODUCE:

1) Enable sandboxing for the attached sample project (by setting a Code Signing Identity that will work for you).
2) Run it.


EXPECTED RESULTS:

An AXUIElementRef for the frontmost window is logged.


ACTUAL RESULTS:

I don't get my AXUIElementRef. All I get is a T-shirt that says "deny mach-lookup com.apple.axserver".


REGRESSION:

Works as expected when sandboxing is not enabled.


NOTES:

I can cheat my way around getting an AXUIElementRef for the focused application by creating it myself (see sample code: "fallback via NSWorkspace" -- is that supposed to work?), but I can't find a way to get any window info, much less press their standard window buttons, which we need for manytricks.com/witch, for instance.


SAMPLE CODE:

http://manytricks.com/sandbox/codesamples/radar/accessibilitysandboxtest.zip
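
Added example, not the sample project attached to this report: an Objective-C probe of the two lookups the report describes (the system-wide accessibility query and the NSWorkspace fallback). It logs each AXError so the same binary can be compared with and without the sandbox entitlement. The build command, the helper name CopyAttr and the APP_SANDBOX_CONTAINER_ID check are assumptions of this example.

```objc
// Added illustration; not the code from accessibilitysandboxtest.zip.
// Assumed build: clang -fobjc-arc -framework Cocoa -framework ApplicationServices axprobe.m -o axprobe
#import <Cocoa/Cocoa.h>
#import <ApplicationServices/ApplicationServices.h>

// Hypothetical helper: copy one AX attribute and log the AXError on failure,
// so a denied lookup shows up in the output instead of failing silently.
static CFTypeRef CopyAttr(AXUIElementRef element, CFStringRef attribute) {
    CFTypeRef value = NULL;
    AXError err = AXUIElementCopyAttributeValue(element, attribute, &value);
    if (err != kAXErrorSuccess) {
        NSLog(@"%@ failed with AXError %d", (__bridge NSString *)attribute, (int)err);
        return NULL;
    }
    return value; // caller owns the reference and must CFRelease it
}

int main(void) {
    @autoreleasepool {
        // Assumption: sandboxed processes have this variable in their environment.
        BOOL sandboxed = getenv("APP_SANDBOX_CONTAINER_ID") != NULL;
        NSLog(@"sandboxed=%d AXIsProcessTrusted=%d", sandboxed, AXIsProcessTrusted());

        // Lookup 1: ask the system-wide element for the focused application.
        AXUIElementRef systemWide = AXUIElementCreateSystemWide();
        AXUIElementRef app = (AXUIElementRef)CopyAttr(systemWide, kAXFocusedApplicationAttribute);
        CFRelease(systemWide);

        // Lookup 2: the "fallback via NSWorkspace" named in the NOTES section.
        // Build the application element from the frontmost application's pid.
        if (app == NULL) {
            NSRunningApplication *front = [[NSWorkspace sharedWorkspace] frontmostApplication];
            if (front == nil) {
                NSLog(@"no frontmost application reported");
                return 1;
            }
            app = AXUIElementCreateApplication([front processIdentifier]);
        }

        // Window info is where the report says the sandboxed build gets stuck.
        AXUIElementRef window = (AXUIElementRef)CopyAttr(app, kAXFocusedWindowAttribute);
        NSLog(@"focused window: %@", window ? (__bridge id)window : @"(none)");

        if (window) CFRelease(window);
        CFRelease(app);
    }
    return 0;
}
```

Running it while watching Console for sandbox violations shows which lookup triggers a "deny mach-lookup com.apple.axserver" entry.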
