[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bootstrap_register: permission denied: what's next?

Subject: bootstrap_register: permission denied: what's next?
From: Jack Repenning <email@hidden>
Date: Fri, 30 Nov 2007 17:02:10 -0800
Delivered-to: email@hidden
Delivered-to: email@hidden

I'm a bit unsure if this is the right list -- sorry if not -- but the archives are well populated with related stuff, so I'm encouraged, yet not quite this stuff, so I ask:

My program (a Finder plug-in, actually) works fine in Tiger, but logs messages like this in Leopard:

11/30/07 2:45:55 PM SCPluginUIDaemon[14305] *** CFMessagePort: bootstrap_register(): failed 1100 (0x44c) 'Permission denied', port = 0x3d03, name = 'org.tigris.scfinderplugin.overlaymessage' See /usr/include/servers/bootstrap_defs.h for the error codes.

11/30/07 2:45:55 PM com.apple.launchd[145] (0x111000.SCPluginUIDaemo[14305]) Check-in of Mach service failed. PID 14305 is not privileged: org.tigris.scfinderplugin.overlaymessage


I've traced that to this code:

gMessagePort = CFMessagePortCreateLocal (NULL, CFSTR(kSCPlugin_OverlayMessagePort), SCOverlayMessageCallback, &context, NULL);

The program misbehaves in user-visible ways as well (sometimes fails to badge Finder icons), which I suspect are caused by this situation, since that's what this port is all about.

It's a fairly decent message, as messages go: I think I grok a fair bit about what it's telling me (short form, "you can't do that"). Since it works in Tiger, it appears the security bar was raised in Leopard (a good thing in general, I suppose). But what's not clear to me is, what do I do about this? I'm legit! How do I prove that? Must I transform my program into a set-uid? Is there another communication technique I should be using in order to avoid the need to become All Powerful?

The process is a sort of a daemon: that is, it's an autonomous, faceless process (not formally a daemon, no monkey shines with I/O streams or process groups or identity). It's launched by side effect when Finder first materializes its contextual menu; hence, it has the same identity as Finder, which is to say "whoever you are." We have an ordinary Finder contextual menu plug-in as well, which does that launching thing, and then chats with the daemon over this port. We've considered (for other reasons) rearranging the daemon into a LaunchDaemon/Agent ... has that time now come, is that the only way out of these woods?

-==-
Jack Repenning
email@hidden
Project Owner
SCPlugin
http://scplugin.tigris.org
"Subversion for the rest of OS X"


_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/darwin-dev/email@hidden

This email sent to email@hidden

Prev by Date: Re: pthread_cancel and C++ destructors
Previous by thread: Re: Resident Memory, Private Memory, Shared Memory (top, Activity Monitor and vmmap
Index(es):
- Date
- Thread

Home