Re: Authorization - Perl as helper tool vs. SUID
Re: Authorization - Perl as helper tool vs. SUID
- Subject: Re: Authorization - Perl as helper tool vs. SUID
- From: Nick Zitzmann <email@hidden>
- Date: Mon, 10 Jan 2005 14:22:50 -0700
On Jan 10, 2005, at 2:05 PM, Sherm Pendley wrote:
So what I'm thinking of is this: The parent app would be the same as
always, pre-authorizing and calling the helper tool with NSTask,
execve() or whatever. The helper tool, on the other hand, would be
slightly different - it would check that it's owned by root and
read-only by everyone else, and if so run itself with elevated
privileges. When run with elevated privileges, it wouldn't
"self-repair"; instead, it would simply do whatever task it was made
for.
Anyone care to comment on that approach?
I don't think that will work. The Perl script will not run because Perl
will not execute the script when the privileges are elevated but the
UID is not root. Here is a solution that does work:
<http://www.cocoabuilder.com/archive/message/2003/8/17/93439>
Nick Zitzmann
<http://www.chronosnet.com/>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden