question about security for CoreGraphics event taps

Discussion in 'Mac Programming' started by paddym, Sep 9, 2008.

  1. paddym macrumors newbie

    Sep 9, 2008
    I was playing around with keyboard mappings and I stumbled upon some behavior that I didn't understand. I wrote it up on my blog at . I'm curious to understand the reasoning behind the api decisions made by Apple
  2. gnasher729 macrumors P6


    Nov 25, 2005
    The system doesn't allow you to find out which keys are pressed when a password dialog is opened, because that would be a clear security violation (you would be able to detect the user's passwords and do all kinds of horrible things). And the user wouldn't notice, because there is no visible sign that you are reading these keys.

    The system allows you to produce keys when a modifier key is pressed; this can interfere with the operation of the computer, but is no security risk. The user notices it; if it interferes with the operation of the computer, he or she will remove your software. So we would have to assume that this "insert key" behaviour is something that the user wanted, and if he wanted this behaviour in normal text entry, it seems reasonable that he wants it while entering a password as well.
  3. iSee macrumors 68040


    Oct 25, 2004
    I can only speculate on Apple's motives but...

    I'd guess that kCGEventKeyUp/Down are protected while CGEventFlagsChanged is not because it didn't seem likely that a snooping program could derive any important information from watching only modifier keys.

    Watching/logging general keystrokes, on the other hand, could yield all kinds of good stuff.
  4. Sayer macrumors 6502a


    Jan 4, 2002
    Austin, TX
    IIRC password text fields get very special treatment down to the Kernel level in later Mac OS X.

    You can not intercept key events entered into a password text field if your app is not the owner of the password text field.

    Nice try tho.

Share This Page