Re: Authenticating without UI
Re: Authenticating without UI
- Subject: Re: Authenticating without UI
- From: Dave Rehring <email@hidden>
- Date: Tue, 22 Jun 2004 13:36:45 -0700
On 6/22/04 2:47 AM, OL&L Lists at email@hidden wrote:
>
Wrong again folks! The reason to use the 'real' password dialog is
>
because the real password dialog gets presented to the user by the
>
Security Server - the part of the OS that actually
>
handles/allows/disallows user authentication. Bypassing it is not a
>
good idea!
>
>
Michael
>
Orbital Launch & Lift, Inc.
>
http://www.orbitallaunch.com
>
Yes, but that's not the point. An unethical application can put up a dialog
that appears/functions exactly the same as the real dialog, and most users
would not have any reasonable way to determine that their password is being
hijacked.
Heck, I'm not even sure if/how the real dialog protects itself from
InputManager's, other than hoping the user has only installed 'nice' ones.
Later,
--
David Rehring Psychos do not explode when light hits
VP of Research and Development them, no matter how crazy they are...
Atimi Software, Inc.
www.atimi.com And totally insane guy!
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.