Comment from waffle.wootest.net on 2008-03-02

2008-03-02T09:28:29Z

The thing is that Apple doesn't want to address this. It wants all these hacks to go away on their own since the technology used for its original purpose has been superseded and everything else is just used to duct tape things onto other applications. (They may be *useful* hacks and I use a few myself, but they still inject code into every Cocoa app, which isn't all that good from a security and stability point of view, and practically nullifies any upside to signed apps since you still can't trust that code.)

Letting InputManagers live to see another day was clearly a small concession, and the draconian rules work as a deterrent. Putting it in /Library was probably one way of making sure you had administrator privileges to install it. They need to be owned by root and have certain permissions too, but you can set any file you own to those.

Apple isn't interested in fixing this or any other problem, because Apple doesn't want them to keep living. I'm not exactly jealous of them right now since they'll have to kill off a useful but insecure venue for extending apps.

/Jesper (since, apparently, my OpenID name is just my URL; hmm)

Comment from Andrew on 2011-01-19

2011-01-19T18:53:04Z

I guarantee this will be gone by OS X 10.8, and thats only if they include it in Lion. Apple are dumb for thinking that forcing all input managers to have system wide acces constitutes as a 'fix'

Why do Apple think that asking for your password is anything more than a minor security step. Everything asks for a password these days, from accessing your mail, to moving folders on your account. People no longer equate password protection to potentially dangerous access, they just see it as an obstacle between you and what you were trying to do before it appeared.

Comments for Input Managers and Leopard

Comment from waffle.wootest.net on 2008-03-02

Comment from Andrew on 2011-01-19