However, I think I have one more previously unknown issue with
AuthorizationExecuteWithPrivileges which is not dealt with in your
code. If the file descriptors for stdin and stdout have been closed,
then AuthorizationExecuteWithPrivileges silently fails(!!). [...]
Question is, can you confirm that this is a bug in AEWP and not
covered in your code?
Let me get this straight. You're saying that, if file descriptors 0
and 1 are closed in the /application/, AEWP fails silently?
Interesting. I've not encountered it before. Closing the standard
file descriptors in an application is quite unusual. [It's common to
do in a daemon, but daemons don't go around calling AEWP.]
Looking at the code, it seems that both MoreAuthSample and
Authorization Services suffer from problems with 0 and 1 are closed.
Code like this:
err = socketpair(..., fds);
err = dup(fds[0], 0);
err = dup(fds[1], 1);
runs into trouble if fds contains low numbers.
Traditionally, one does not close these low numbered descriptors;
instead, you open /dev/null and dup it down on to them.
Still, smells like a bug to me. Please feel free to file it.
[In general DTS asks developers to file their own bugs because it
emphasises that the issue is affecting real developers. Also, it has
the added benefit that you can track the bug's status yourself.]
S+E
--
Quinn "The Eskimo!" <http://www.apple.com/developer/>
Apple Developer Technical Support * Networking, Communications, Hardware
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macnetworkprog/email@hidden
