>
> On 27/11/2005, at 2:56 AM, John Louch wrote:
>
>> You could watch process launching on the system, and then try to determine
>> which DashboardClient is which widget (not sure exactly how to do that)
>
> That part is actually pretty easy, as the DashboardClient processes look like
> this:
> 2062 ?? S 0:00.86
> /System/Library/CoreServices/Dock.app/Contents/Resources/DashboardClient.app/C
> ontents/MacOS/DashboardClient /Library/Widgets/Stocks.wdgt/ 71040
> 41a2724894d057f3 f f
>
> I'm not sure whoever which framework to use for watching the processes. A
> glance through Foundation and AppKit didn't reveal anything obvious.
Look for:
APPKIT_EXTERN NSString *NSWorkspaceDidLaunchApplicationNotification; //
see above
In NSWorkspace.h
>
>> and
>> the kill that process. Note that you will have to kill the widget at least
>> 2 times as the dashboard server will relaunch it.
>>
>> If your users are not admin, you could possibly lock down the file system so
>> that they cannot install widget. Change the privs of ~/Library/Widgets/ and
>> the owning folder.
>
> As far as I know this won't work, as a user still has permission to delete
> this directory. They can then create a new one in its place which will allow
> them write access. I guess I could probably write a daemon that watched for
> file system changes and get around it that way.
Yeah that is why I said change the owing folder as well. Though a daemon
approach might work, it would leave a window of opportunity, but probably
safe enough.
Thanks,
jl
>
>
> Cheers,
>
> Kris
>
>
>>
>>> I'd prefer not to disable it completely, as I was going to use widgets to
>>> display user quota information. So if I can't use a wrapper, perhaps there
>>> is
>>> some way of being notified of a widget process being created, and then
>>> terminate it if its not allowed?
>>>
>>> On 26/11/2005, at 5:06 PM, John Louch wrote:
>>>
>>>
>>>> There is no way to wrap the DashboardClient process. There is a preference
>>>> to turn the Dashboard off completely.
>>>>
>>>> defaults write com.apple.dashboard mcx-disabled -boolean YES
>>>>
>>>> This is very easy for the user to workaround of course, since there are no
>>>> protections on the preference.
>>>>
>>>> Thanks,
>>>> jl
>>>>
>>>>
>>>>
>>>>> Hi,
>>>>>
>>>>> This is more an internal workings of Dashboard question, but I wasn't sure
>>>>> where else to post it. I maintain around 400 clients and need a way to
>>>>> secure
>>>>> Dashboard, ie users cannot install or run their own widgets. I tried
>>>>> writing
>>>>> a
>>>>> little wrapper for the DashboardClient.app which works for some widgets,
>>>>> and
>>>>> others will produce these messages in the syslog:
>>>>>
>>>>> 2005-11-25 21:36:29.290 DashboardClient.2[752] failed to create startup
>>>>> object
>>>>>
>>>>>
>>>>>
>>>>> My guess is its trying to do some sort of interprocess communication. Any
>>>>> ideas how to get around this, or alternative ideas would be great too?
>>>>>
>>>>>
>>>>>
>>>>> Cheers,
>>>>>
>>>>>
>>>>>
>>>>> Kris
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --------------------------------------
>>>>>
>>>>>
>>>>> Kris Kopicki
>>>>>
>>>>>
>>>>> Systems Administrator
>>>>>
>>>>>
>>>>> Walford Anglican School for Girls Inc.
>>>>>
>>>>>
>>>>> 316 Unley Road, Hyde Park
>>>>>
>>>>>
>>>>> SA 5061 Australia
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Web: http://www.walford.asn.au
>>>>>
>>>>>
>>>>> Phone: +61-8-82726555
>>>>>
>>>>>
>>>>> Fax: +61-8-82720313
>>>>>
>>>>>
>>>>> Mobile: +61407790415
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Do not post admin requests to the list. They will be ignored.
>>>>> Dashboard-dev mailing list (email@hidden)
>>>>> Help/Unsubscribe/Update your Subscription:
>>>>> http://lists.apple.com/mailman/options/dashboard-dev/email@hidden
>>>>>
>>>>> This email sent to email@hidden
>>>>>
>>>>>
>>>>
>>>>
>>>> --------------------------------------------------
>>>> John Louch Internet #: email@hidden
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> --------------------------------------
>>>
>>>
>>> Kris Kopicki
>>>
>>>
>>> Systems Administrator
>>>
>>>
>>> Walford Anglican School for Girls Inc.
>>>
>>>
>>> 316 Unley Road, Hyde Park
>>>
>>>
>>> SA 5061 Australia
>>>
>>>
>>>
>>>
>>>
>>> Web: http://www.walford.asn.au
>>>
>>>
>>> Phone: +61-8-82726555
>>>
>>>
>>> Fax: +61-8-82720313
>>>
>>>
>>> Mobile: +61407790415
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Do not post admin requests to the list. They will be ignored.
>>> Dashboard-dev mailing list (email@hidden)
>>> Help/Unsubscribe/Update your Subscription:
>>> http://lists.apple.com/mailman/options/dashboard-dev/email@hidden
>>>
>>> This email sent to email@hidden
>>>
>>
>>
>> --------------------------------------------------
>> John Louch Internet #: email@hidden
>>
>>
>>
>>
>
>
>
>
>
>
> --------------------------------------
>
>
> Kris Kopicki
>
>
> Systems Administrator
>
>
> Walford Anglican School for Girls Inc.
>
>
> 316 Unley Road, Hyde Park
>
>
> SA 5061 Australia
>
>
>
>
>
> Web: http://www.walford.asn.au
>
>
> Phone: +61-8-82726555
>
>
> Fax: +61-8-82720313
>
>
> Mobile: +61407790415
>
>
>
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Dashboard-dev mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
> http://lists.apple.com/mailman/options/dashboard-dev/email@hidden
>
> This email sent to email@hidden
--------------------------------------------------
John Louch Internet #: email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Dashboard-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/dashboard-dev/email@hidden
This email sent to email@hidden
