Re: Using Authorization Services with a Factored Application
Re: Using Authorization Services with a Factored Application
- Subject: Re: Using Authorization Services with a Factored Application
- From: OL&L Dev 2 <email@hidden>
- Date: Mon, 15 Dec 2003 18:33:19 -0800
Yes indeedy. It is a difficult task and one that Apple poorly
documents currently. What the Apple docs will not tell you is that
you need to read at least 4, and possibly 6 documents in order to get
the entire picture. It is only after reading *all* the docs that you
can begin to write the tool! :-)
You should read them in this order:
- Performing Privileged Operations With Authorization Services:
http://developer.apple.com/documentation/Security/Conceptual/authorization_concepts/
- Authorization Services Reference:
http://developer.apple.com/documentation/Security/Reference/authorization_ref/
- Authorization For Everyone:
http://developer.apple.com/technotes/tn2002/tn2095.html
- Securtiy Credentials:
http://developer.apple.com/qa/qa2001/qa1277.html
- Be Careful When Using AuthorizationCreate:
http://developer.apple.com/qa/qa2001/qa1172.html
And if you want to do any System Configuration Framework work:
- System Configuration Framework
http://developer.apple.com/documentation/Networking/Conceptual/SysConfigOverview926/index.html
- MoreSCF
http://developer.apple.com/samplecode/Sample_Code/Networking/MoreSCF.htm
After reading all of the above, next go and look at the entire code
for MoreSecurityTest in MoreSecurity. It's a good example written by
Quinn that shows how to do what you want very easily. It takes a
little getting used to but just play with it and get comfortable with
it. It will be a big help.
You might also want to check out the QISA sample code because in some
instances, you will need to add umask management code to your tool.
(Wee hee!!!!!!! The plot thickens, eh?).
When I first started writing helper tools, I printed ALL of the above
out, took them down to Kinko's to have them bound. Then I stopped and
sat down for 3 whole weeks and read them end to end.
Armed with this knowledge I then set out and wrote my first one in 3
weeks. And it was rock solid. Now I've done so many of them that I
can do them in my sleep - while eating donuts and watching "The
Bachelor" at the same time. :-)
Let me just say that the first few were *very* frustrating. There is
absolutely no way to write one of any complexity and have it work
properly without first reading carefully all the above docs *and* all
the sample code - because there are tons of tiny 'gotchas' that you
will never be able to figure out if you don't carefully study the
sample code thoroughly. Trust me - I've been there and the
frustrations are endless until you understand the *entire* picture
all at once. Just keep plugging away and playing with the samples and
docs until it works.
As for Obj-C vs. C, I heartily recommend a C-only helper tool and a
Obj-C app for the following reasons:
1) All of the Apple docs and sample code such as MoreAuthSample are
in straight C (to my knowledge there is no Obj-C helper tool
example). MoreSecurity is also written in straight C. You will need
to use its functions to facilitate calling the tool.
2) By writing it in all C, you don't have to suck in all the Cocoa
frameworks. You also avoid other problems such as the ones you
mentioned (like with self).
3) Using an Apple framework in a helper tool is in itself a security
risk: the most likely vector that hackers will use in OS X is to
replace parts or all of the frameworks, such as Cocoa.framework, with
their own malicious code. Then any app that runs will unknowingly
suck in the hacked version of the framework. Any code that links to
that compromised framework will then be wide open to the hacks. Since
your helper tool is running as root and is performing a privileged
operation, if a compromised framework is linked to it, it opens the
entire system up to the hack - the hack now has root access to the
whole machine. Which is the whole point of helper tools to begin
with: to concentrate a minimal amount of privileged code running in a
single process and to minimize the times at which that code can
execute - this providing the secure environment to execute the
privileged operation in. Compromising the security of the helper tool
essentially defeats its purpose of running separately from the app
that is calling it.
4) Performance. C and non-OOP code will execute faster than
equivalent OOP code - especially OOP code that uses dynamic binding.
The easiest way to pass your data to the helper tool is to ask
MoreSecurity to do it for you:
error = MoreSecExecuteRequestInHelperTool( toolRef, *authRef,
request, &response );
Where:
1) toolRef is the reference to your copied helper tool obtained via a
call to MoreSecCopyHelperToolURLAndCheckBundled.
2) authRef is your AuthorizaionReference.
3) 'request' is a CFDictionary you created that contains both the
commands you want executed, and the data you want passed into the
tool.
4) response is a CFDictionary created inside the tool and passed back
to the calling app so that you can then suck any response info out of
it. Be sure to use CFQRelease to release the CFDictionary once you
are done with it.
The nice thing about using CFDictionaries is you can add an unlimited
number/amount of commands/data and pass it between the tool and app.
And since NSDictionary is a toll-free bridged class, you can just
fire off your NSDictionary anywhere a CFDictionary is being used.
Check out all the handy-dandy routines in MoreSecurity - they will
vastly simplify your work in creating and calling your helper tool!
Also, the company I work for specializes in writing these suckers. If
you need one written, we can offload that work for a very reasonable
fee. ;-)
Whew..... I need a donut.....
Good luck!
Best Regards,
Orbital Launch & Lift, Inc.
http://www.orbitallaunch.com
Mission. Critical.
^^^^^^^^^^^^^^^^^^^^^^^^^^^
At 4:23 PM -0800 12/15/03, Simone Manganelli wrote:
>
Anyway, one question I have is about your recommendation to use pure
>
C instead of Objective-C. Is there a reason for suggesting to do
>
this?
>
>
The other question I have is what the best way is to pass such
>
information to the helper tool (like an NSDictionary full of
>
key-value pairs). Should I pass it as an argument when launching
>
the application, should I use an NSPipe, or should I use distributed
>
objects like the other poster suggested?
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.