Re: Authorization without permanent setuid on helper
Re: Authorization without permanent setuid on helper
- Subject: Re: Authorization without permanent setuid on helper
- From: Finlay Dobbie <email@hidden>
- Date: Thu, 20 Jan 2005 17:19:13 +0000
On Thu, 20 Jan 2005 17:02:09 +0000, email@hidden
<email@hidden> wrote:
> It seems to me that acquiring authorization rights every time a self-restricted helper is invoked to perform a privileged operation is bad security practice. My reasoning for that conclusion is that the user will get into the habit of always entering the password, so he/she might never know if a malicious helper app was substituted. By limiting password entry to the first-run installation of the helper, subsequent password requests should (with an accompanying warning in the app documentation) set off a red flag in the user's mind that something might be amiss. Does that sound about right?
Sounds just dandy. There's certainly a risk of users becoming too
accustomed to entering their admin password willy nilly.
Self-restriction is the way to go! :)
-- Finlay
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden