Comments for Input Managers and Leopard tag:bradchoate.com,2008://4- 2008-03-10T20:58:25Z The man, the legend. Movable Type 4.1 tag:bradchoate.com,2008://4.2683-comment:22756 Comment from waffle.wootest.net on 2008-03-02 waffle.wootest.net http://waffle.wootest.net/ The thing is that Apple doesn't want to address this. It wants all these hacks to go away on their own since the technology used for its original purpose has been superseded and everything else is just used to duct tape things onto other applications. (They may be *useful* hacks and I use a few myself, but they still inject code into every Cocoa app, which isn't all that good from a security and stability point of view, and practically nullifies any upside to signed apps since you still can't trust that code.)

Letting InputManagers live to see another day was clearly a small concession, and the draconian rules work as a deterrent. Putting it in /Library was probably one way of making sure you had administrator privileges to install it. They need to be owned by root and have certain permissions too, but you can set any file you own to those.

Apple isn't interested in fixing this or any other problem, because Apple doesn't want them to keep living. I'm not exactly jealous of them right now since they'll have to kill off a useful but insecure venue for extending apps.

/Jesper (since, apparently, my OpenID name is just my URL; hmm)

]]> 2008-03-02T09:28:29Z