Open Radar

 
SUMMARY:

Enabling sandboxing makes it impossible to use event taps as active filters (mere listening event taps appear to work as expected). The attached sample code tries installing an active filter event tap for mouse down/dragged/up events; similar results can be observed when trying to tap keyboard events.

Being able to filter events with an event tap is useful in a lot of scenarios, such as…

	- preprocessing mouse events to filter out tremor in assistive applications
	- interacting with the media keys (there's no other official way)
	- text expansion utilities


STEPS TO REPRODUCE:

1) Enable sandboxing for the attached sample project (by setting a Code Signing Identity that will work for you).
2) Run it.


EXPECTED RESULTS:

I get a working tap, then tapped events get logged.


ACTUAL RESULTS:

I don't get a working tap, thus no tapped events get logged. I get this instead: "deny hid-control"


REGRESSION:

Works as expected when sandboxing is not enabled.


NOTES:

I can see how Apple is concerned about selling potential keyloggers on the Mac App Store, but users already have a switch for whether they want apps like this to work. It's in the Universal Access prefpane, its name is "Enable Access for Assistive Devices", and it used to work quite well.

Moreoever, I don't see how filtering mouse events could be considered a security threat at all.


SAMPLE CODE:

http://manytricks.com/sandbox/codesamples/radar/eventtapsandboxtest.zip