Closed ShikiSuen closed 10 months ago
Title: SecureEventInput Abuse Detected.
vChewing has detected that the following background processes are abusing the SecureEventInput, hindering all 3rd-party input methods from being able to switch to.
It is fine to use SecureEventInput for sensitive input fields. However, an app calling EnableSecureEventInput() is responsible to call DisableSecureEventInput() immediately right after the input field loses focus. This situation may also happen if an app is hanging in the background (or working as a helper application in the background) with its SecureEventInput left enabled.
The found processes are:
[PID: 114514] Yajuu Senpai.app (com.coatClub.SeniorTheBeast) → /Applications/Yajuu Senapi.app
When you are seeing this message, vChewing has already attempted to call DisableSecureEventInput() trying to make itself selectable in the input method menu again. Your suggested further steps:
Keep a screenshot of this dialog (if you don't have one) for further purposes.
If vChewing is still not selectable in the input method menu, you are suggested to manually terminate the processes listed above to force-release their SecureEventInput states. This will make vChewing available immediately.
If the process belongs to an app from Mac App Store, please report its abuse of SecureEventInput to Apple. Apple may take actions to such apps if necessary, including pulling them off from the Mac App Store until the problem gets solved by their individual developers.
Whether this process is from Mac App Store or not, you report this abuse to the related app vendor / developer. You may give them the screenshot of this alert message since it should have enough information to help the vendor / developer troubleshoot the issue.
因為濫用 SecureEventInput 而導致第三方輸入法全部罷工的情況困擾了 macOS 副廠輸入法開發者至少十幾年。 但因為這些積年的怒氣就大砲打蒼蠅的話也太荒唐,不如盡量將打擊範圍弄得精準一些。
大體原理如下: 一、用
ioreg -l -w 0
取得當前全部的 ioregEntry 條目清單。 二、grep SecureInput
。兩者合併就是
ioreg -l -w 0 | grep SecureInput
。找出結果之後,只要相關結果對應的 bundleIdentifier 不是當前應用,就可以認定該 app 有在濫用 SecureInput。然而,威注音是 Sandbox 處理過的軟體,不能直接跑終端指令。於是唯有用 Swift 程式碼手段重現 ioreg 這款工具的行為。 https://opensource.apple.com/source/IOKitTools/IOKitTools-97/ioreg.tproj/ioreg.c.auto.html 沒準可以趁此用 Swift 徹底重寫整個 IOKitTools,但這又有點大砲打蒼蠅了。