We have a Mac App Store app that needs access to the Accessibility API. Starting with Mavericks 10.9, there is a system whitelist for applications that want to use the Accessibility API (System Preferences → Security and Privacy → Accessibility).
When testing the update for our application, we noticed that immediately after updating from the old version, the system tells us that we are not allowed to use the Accessibility API ( AXIsProcessTrustedWithOptionsreturns NO), although our application is in the white list with the checkbox selected. As soon as we remove and check the resolution, everything works fine.
Obviously, this is not an acceptable upgrade scenario for us, especially since the availability white list is similar to the depth in System Preferences and is not accessible from the code.
Is this a system error? Is a workaround known? We agree on the need to double-check Accessibility permissions after a major update - it simply distracts your users from navigating to system settings only to check a checkbox that has already been checked, without a function.
Update:
During the first launch after the update, the system complains about the console:
16/03/15 06:47:10,343 tccd[190]: Unable to verify code signing identity of com.company.app: code failed to satisfy specified code requirement(s)
16/03/15 06:47:10,350 universalAccessAuthWarn[401]: AccessibilityAPI: pid 471, is not allowed to access the accessibility API. Path: /path/to/app
It is strange that after the permission flag for the availability white list is not checked and double-checked, there are no errors during subsequent launches, even if the binary file matches.
Ive SQLite, (/Library/Application Support/com.apple.TCC/TCC.db). access csreq, / :
$ sudo sqlite3 /Library/Application\ Support/com.apple.TCC/TCC.db 'select client, quote(csreq) from access'
com.apple.dt.Xcode|X'…'
com.apple.AccessibilityInspector|X'…'
com.ourcompany.app|X'…'
( "...".)
, , csreq. , .
, , - . ? , NULL , . , API Accessibility YES, .
GitHub.