Re: Authorization without permanent setuid on helper
Re: Authorization without permanent setuid on helper
- Subject: Re: Authorization without permanent setuid on helper
- From: OL&L Lists <email@hidden>
- Date: Fri, 21 Jan 2005 19:13:51 -0800
At 8:54 PM -0600 1/21/05, Charles Srstka wrote:
On Jan 21, 2005, at 8:09 PM, OL&L Lists wrote:
How is running an entire app authorized as root more secure then
running a tiny one-shot code fragment that enters and then exits
root mode momentarily?
Who on earth said anything about running an entire app as root?!
Charles
The previous poster said he was not in favor of setuid helper tools
and removes them from his system. If one does not factor out the code
to be run as root into a separate helper tool, then the code must be
included in the app itself. When you setuid root on an app you run
the entire app as root. Hence Apple's recommendation of putting the
root code into a separate tool. If you don't use such a tool, where
will the code that will be run as root be placed?
Michael
Orbital Launch & Lift, Inc.
http://www.orbitallaunch.com
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden