• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Running a single thread as root...sort of.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Running a single thread as root...sort of.

  • Subject: Re: Running a single thread as root...sort of.
  • From: OL&L Lists <email@hidden>
  • Date: Fri, 25 Jun 2004 16:42:27 -0700
Major security hole waiting to happen.

No process should be left running as root - for security reasons. And *especially* one that can be attached to by objects from somewhere on a network. Sounds like a great vector for hackers to be able to get root on a machine - replace or attack the DO and then masquerade as the real DO to the tool - opening a conduit to root for malicious code to exploit..

Privileged helper tools should run once and then exit. Leaving code around running as root continuously is a bad idea.

If you need DO to have privileged access, then have a process run on the target machine continuously but then only call the helper tool when a message is received from the DO. Put all your privileged code inside the helper tool and nowhere else. Only allow the daemon on the target machine to call the tool directly - not the DO. That way no code is left running at root except when a privileged operation is needed. Authorization Services should take care of the need to authenticate as needed inside the helper tool.

Michael
Orbitla Launch & Lift, Inc.
http://www.orbitallaunch.com

At 12:00 PM -0400 6/24/04, Huyler, Christopher M wrote:
I have read most of the documentation on creating setuid-root helper
tools but I would like to improve upon it by using Distributed Objects.
Here's my thought:

Create a helper tool in Cocoa that will authenticate and setuid-root
itself but it will stay up as a service until it is told to shutdown.
Then, once the user has authenticated, I can use Distributed Objects to
send commands to it, rather than relaunching the tool over and over
again. I have used Distributed Objects to create multiple threads in my
Preference Pane...basically I want a thread that is running as root.
Make sense?

Is this possible?
Has anyone done something similar?
Are there security issues with this approach I should be aware of?
Is there any sample code out there that could help me?

Thanks,
~ Chris
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.

References: 
 >Running a single thread as root...sort of. (From: "Huyler, Christopher M" <email@hidden>)

  • Prev by Date: Re: Online Version Checking
  • Next by Date: Re: Authenticating without UI
  • Previous by thread: Re: Running a single thread as root...sort of.
  • Next by thread: FW: Modal control
  • Index(es):
    • Date
    • Thread