Re: Unable to unload Launch Daemon using Cocoa Application.
Re: Unable to unload Launch Daemon using Cocoa Application.
- Subject: Re: Unable to unload Launch Daemon using Cocoa Application.
- From: Chris Hanson <email@hidden>
- Date: Sun, 23 Mar 2008 17:07:17 -0700
On Mar 22, 2008, at 9:03 AM, JanakiRam wrote:
I've used Authorization Services to
perform unload of Launch Daemon ( previlaged action ).
Authorization Services isn't meant to be used in the way you're using
it. You're using AuthorizationExecuteWithPrivileges to perform an
arbitrary operation as root. That's bad.
Instead, you should:
(1) Use Authorization Services to create an authorization reference
for the right to unload your daemon.
(2) Use NSTask to run a setuid-root helper tool you've written that
can only unload your daemon.
(3) Pass the externalized form of the authorization reference from #1
over a pipe to the task in #2.
(4) Verify in the task from #2 that the authorization reference
actually confers the appropriate right.
(5) Unload the daemon.
If the setuid helper tool isn't setuid-root,
AuthorizationExecuteWithPrivilegs should be used to fix that from
within the tool itself -- in other words, the helper tool should be
self-repairing.
THis is all described in "Performing Privileged Operations With
Authorization Services" at <http://developer.apple.com/documentation/Security/Conceptual/authorization_concepts/01introduction/chapter_1_section_1.html
>. Everyone who wants to perform privileged operations MUST read and
understand this document completely before attempting to write code to
do so, to preserve the security of their users' systems.
-- Chris
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden