I have a somewhat complex problem I am hoping the list can help me with. Ultimately, what I am trying to do is grant my application rights to use the Accessibility API without forcing users to turn on ³Enable access for assistive devices². My application uses AppleScripts (primarily calling System Events) to move the front window of any application between displays.
So, I have read up on the AXMakeProcessTrusted function, and seen the example at http://caffeinatedcocoa.com/blog/?p=12 on how to use this function. The problem is, using that approach causes the AppleScripts in my application to fail with the error 2709 (can¹t access dictionary). First question: I have seen a message saying that AXMakeProcessTrusted was broken in Tiger. Was it fixed in Leopard? It seems to work correctly, save causing my AppleScripts to fail. Next question: Are the AppleScripts failing because the application process has elevated rights due to AXMakeProcessTrusted, or is it because the application links to the Security Framework? I have seen posts/messages that suggest both. If I can get my application the status of AXProcessIsTrusted without linking to the Security Framework, will the AppleScripts work? (And is this a bug or a security feature?) Third question: Assuming the answers to the first two questions are favorable, how would you more experienced and wise developers go about doing something like this? How can I do a one-time operation as root without linking the Security Framework into my main application? It seems to me I need to include two separate agents in my app one that is run with normal permissions from the main app (thus, no need to link to the Security Framework or give the main app generally elevated permissions), and then a second one, called from the first agent with privileges, that actually executes the AXMakeProcessTrusted function on the main app. Does this seem right? I am a novice programmer, but I have looked at both NSTask and the NSWorkspace - launchedApplication: method and can¹t discern the easier way to go in terms of passing the main app¹s path to the first, and then the second agent applications. I am not even sure of the proper build settings for a project using two helpers in this manner. Could I use a shell/perl script as the middle agent? Sorry for the longwinded/semi-ranging question(s), but any and all advice the more experienced can offer would be really really appreciated. (I have looked at AuthSample, MoreAuthSample, BetterAuthorizationSample and AuthorizedTasksInCocoa¹ (from http://www.sheepsystems.com/sourceCode/authTasksCocoa.html) and none of them suggested an easy and straight forward solution to me.) _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
