Re: Intel UI scripting
Re: Intel UI scripting
- Subject: Re: Intel UI scripting
- From: Scott Doenges <email@hidden>
- Date: Sun, 25 Jun 2006 21:21:06 -0600
Bill,
Yeah I can imagine why Apple developers might consider this to be a
can of worms, especially given the advertised overall security of the
platform. Only one way to find out if it's by design or accident - I
just submitted it via ADC. This problem really isn't that big of a
deal to me, but now I'm just curious!
That's interesting about authorizing apps to use the accessibility
API with a one-time prompt. Out of curiosity, where is the list of
trusted apps actually stored, in a ByHost pref or certificate or
something?
As far as the clients I'm running this on, well they get wiped clean
every night due to the nature of their location, so I'm not worried
about my users disagreeing with the security policy :-)
thanks again for the help,
Scott
On Jun 23, 2006, at 4:33 AM, Bill Cheeseman wrote:
on 2006-06-23 12:36 AM, Scott Doenges at email@hidden wrote:
Bill, I'm sure you would know better than I - what are your
thoughts on this
as a potential security issue?
I've debated that with the Apple engineers. I don't see the risk
from GUI
Scripting as being any more serious than the risk from AppleScript in
general. After all, any disabled person who wants to use assistive
applications has to turn on the "Enable access for assistive devices"
setting and leave it on all the time.
But Apple feels differently, and they've thought it through much
more deeply
than I. You've done some great detective work to find that
invisible file. I
suspect, however, that your bug report will result in Apple's simply
implementing the security mechanism differently so that it's harder to
subvert.
As of Tiger, there is a new mechanism available that developers can
use to
authorize a specific application to make use of the accessibility API
without turning on the system-wide setting. I plan to implement it
in UI
Browser 2.0. It allows a one-time authorization dialog to mark a
specific
application as "trusted." You will be asked at install time, or
maybe as an
application preference, to designate UI Browser as a "trusted"
application.
After you authorize it with an administrator password, from then on UI
Browser's accessibility features will work on that machine whether
"Enable
access for assistive devices" is turned on or not. This actually
improves
security, since you don't have to turn on the System preference for
all apps
just to use one app.
However, GUI Scripting would still require turning on the System
preference,
unless Apple changed the AppleScript Utility's "Enable GUI Scripting"
setting so that it really only applied to GUI Scripting. Today, it is
exactly equivalent to turning on accessibility system-wide. A good
solution
would be a scripting addition that puts up the standard system
authorization
dialog to enter administrator authorization, perhaps to make a
specific
script trusted. Maybe I'll write one.
In the meantime, if you distribute scripts that turn on GUI
Scripting or
accessibility, you really should include some sort of authorization
routine
for the benefit of those users who do feel that turning on
accessibility
could be a security risk.
--
Bill Cheeseman - email@hidden
Quechee Software, Quechee, Vermont, USA
http://www.quecheesoftware.com
PreFab Software - http://www.prefab.com/scripting.html
The AppleScript Sourcebook - http://www.AppleScriptSourcebook.com
Vermont Recipes - http://www.stepwise.com/Articles/VermontRecipes
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Applescript-users mailing list (Applescript-
email@hidden)
Help/Unsubscribe/Update your Subscription:
40comcast.net
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Applescript-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden