Re: setuid to root App cannot compile NSAppleScript
Re: setuid to root App cannot compile NSAppleScript
- Subject: Re: setuid to root App cannot compile NSAppleScript
- From: Lorenzo <email@hidden>
- Date: Thu, 11 Dec 2003 18:12:16 +0100
Hi,
thank you for the prompt reply.
I don't have to use the AS to copy the file. I have to use the AS to close
all the open applications. Then my tool will copy the file, and restore the
ownership and privileges.
The problem is that my tool is so big and complex that is has to run as root
at all. It cannot launch a smaller sub-process.
So the user authenticate himself as root then I set seteuid = 0 to the tool,
and quit and relaunch the tool. So starting from the next time the tool
works as root all the time.
So my problem is the opposite. How to launch a no-root sub-process from a
root process?
Best Regards
--
Lorenzo
email: email@hidden
>
From: Dave Camp <email@hidden>
>
Date: Thu, 11 Dec 2003 08:57:33 -0800
>
To: Lorenzo <email@hidden>
>
Cc: email@hidden
>
Subject: Re: setuid to root App cannot compile NSAppleScript
>
>
The "normal" security model on OS X would be for your app to run
>
unprivileged and use the Security Framework to authenticate the user
>
execute a sub-process that only performed the part of the operation
>
that requires elevated privileges. The Security Framework has several
>
code examples and the documentation describes the pros and cons of the
>
various ways of executing code with elevated privileges.
>
>
That said, I'm still not sure that solves your problem for a few
>
reasons:
>
>
- Security Framework might still refuse to run an AppleScript with
>
elevated privileges. I don't know.
>
>
- Running an AppleScript as root that tells the Finder to copy a file
>
will not result in the Finder having any extra privileges. The Finder
>
is still owned by the current user.
>
>
- I would still think a root owned AppleScript would be a major
>
security hole. It's not been my experience that AppleScripts always
>
behave as intended. Last thing you want is one running as root and
>
trashing the machine...
>
>
A better solution would be to just write a small tool to do the file
>
copy and use the methods outlined in the Security Framework
>
documentation to have your app execute it. Without looking at the docs,
>
I think the correct sequence is: app authenticates the user, app
>
launches task and passes the security token, task validates the
>
security token, task self repairs if needed (suid root), task performs
>
requested operation.
>
>
Keep in mind that when root copies the file, it will then be owned by
>
root, so you will have to restore the user, group, and permissions that
>
you want (I think).
>
>
Dave
>
>
On Dec 11, 2003, at 8:36 AM, Lorenzo wrote:
>
>
> I want to do that because my application copys some file mantaining the
>
> original ownership and permissions. And in MacOS X Only the root user
>
> can
>
> copy a file maintaining the original ownership and permissions.
>
>
>
> The AppleScript come very useful because before the copy the user can
>
> tell
>
> the Finder to close his own active applications and the documents to
>
> copy,
>
> so the copy can go well.
>
>
>
> So currently the user launchs the application and authenticates
>
> himself to
>
> run it with the root privileges, then he starts an action which
>
> includes the
>
> copy of some files (and the AppleScript should fire before the copy).
>
> But
>
> the AppleScript doesn't compile. The user authenticated himself.
>
>
>
> At least I would like to compile and execute the AS as simple user.
>
> So, how to go out from the root privileges status (getuid != 0) in a
>
> while?
>
>
>
>
>
>
>
> Best Regards
>
> --
>
> Lorenzo
>
> email: email@hidden
>
>
>
>> From: Dave Camp <email@hidden>
>
>> Date: Thu, 11 Dec 2003 08:12:21 -0800
>
>> To: Lorenzo <email@hidden>
>
>> Cc: email@hidden
>
>> Subject: Re: setuid to root App cannot compile NSAppleScript
>
>>
>
>> I would expect that trying to run an AppleScript as root would be a
>
>> major security violation.
>
>>
>
>> Why do you want to do that?
>
>>
>
>> Dave
>
>>
>
>> On Dec 11, 2003, at 1:35 AM, Lorenzo wrote:
>
>>
>
>>> Hi list,
>
>>> I use to make my application run an AppleScript like this:
>
>>> ----------------
>
>>> tell application "Finder"
>
>>> beep
>
>>> end tell
>
>>> ----------------
>
>>> If I login on my machine as simple user (administrator), it works
>
>>> fine.
>
>>> If I login on my machine as "root" user, it works fine.
>
>>> If I login on my machine as simple user (administrator), and I run my
>
>>> application with setuid = 0 - that is with root privileges -
>
>>> the AppleScript doesn't compile. It returns the error -2709
>
>>>
>
>>> I do this:
>
>>> as = [[[NSAppleScript alloc] initWithSource:asText] autorelease];
>
>>> ok = [as compileAndReturnError:&asError];
>
>>>
>
>>> What should I do in order to fix the problem?
>
>>> Thank you.
>
>>>
>
>>> Best Regards
>
>>> --
>
>>> Lorenzo
>
>>> email: email@hidden
>
>>> _______________________________________________
>
>>> cocoa-dev mailing list | email@hidden
>
>>> Help/Unsubscribe/Archives:
>
>>> http://www.lists.apple.com/mailman/listinfo/cocoa-dev
>
>>> Do not post admin requests to the list. They will be ignored.
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.