Mailing Lists: Apple Mailing Lists
 Image of Mac OS face in stamp
Re: More on daemon install and permissions/owner checks
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: More on daemon install and permissions/owner checks



>
> Hi All,
>
> I don't mean to beat a dead horse, but we are close to deciding what
> to do when our preflight script finds wrong permissions or owner
> when checking /Library/PrivilegedHelperTools/ and it's parents.  
> Here are the remaining questions we have boiled down to:
>
> 1.  Should we just aspire to the same degree of permissions/owner
> repair that Disk Utility does, i.e., not care about the owner on
> "/"?  BTW, DU does not fix a bad owner or permissions of
> /Library/PrivilegedHelperTools/.  I know some of you have said that
> DU should fix the owner of "/".
>
> 2.  If the user's system already has permissions/owner settings that
> are insecure, are we creating any additional insecurity by
> installing a daemon into a structure that is already compromised?  
> Do we have a responsibility, as a third-party software installer, to
> fix this situation?
>
> Thanks for your input.  We will make our decision this evening, Pacific time.
>
> Regards,
>
> Monte Benaresh
> PACE Anti-Piracy
>

Another thing I just noticed.  Failure during pre-flight script is not supported by Installer.  You need a Volume Check or Installation Check if you want to support installation failures based on scripting.  Can't find the thread with that in it yet, but it was an old post of mine where I was told it's not supported.

http://osdir.com/ml/installer-dev/2010-03/msg00064.html  <- only link i could find to the old post, given your decision deadline.
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Installer-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >More on daemon install and permissions/owner checks (From: Monte Benaresh <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2011 Apple Inc. All rights reserved.