• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Get root privileges with NSTask
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Get root privileges with NSTask

  • Subject: Re: Get root privileges with NSTask
  • From: Michael Watson <email@hidden>
  • Date: Mon, 24 Mar 2008 23:18:36 -0400
Search the list. This comes up often.

<http://search.lists.apple.com/?q=root+privileges&cmd=Search!&ul=cocoa-dev >

When I say "it comes up often", I mean "this gets asked so often that it actually was talked about yesterday". Chris Hanson posted this:

(1) Use Authorization Services to create an authorization reference for the right to unload your daemon.
(2) Use NSTask to run a setuid-root helper tool you've written that can only unload your daemon.
(3) Pass the externalized form of the authorization reference from #1 over a pipe to the task in #2.
(4) Verify in the task from #2 that the authorization reference actually confers the appropriate right.
(5) Unload the daemon.

If the setuid helper tool isn't setuid-root, AuthorizationExecuteWithPrivilegs should be used to fix that from within the tool itself -- in other words, the helper tool should be self-repairing.

THis is all described in "Performing Privileged Operations With Authorization Services" at <http://developer.apple.com/documentation/Security/Conceptual/authorization_concepts/01introduction/chapter_1_section_1.html >. Everyone who wants to perform privileged operations MUST read and understand this document completely before attempting to write code to do so, to preserve the security of their users' systems. 



--
m-s

On 24 Mar, 2008, at 23:07, Mr. Gecko wrote:
Hello I am needing to get root privileges with NSTask so my program can install some items that will get downloaded from the internet with curl is that possible I know I can do that with applescript.

Thanks for tips/help,
Mr. Gecko
_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
@bungie.org

This email sent to email@hidden 

_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




  • Follow-Ups:

      

    • Re: Get root privileges with NSTask

      • From: "Mr. Gecko" <email@hidden>
      • 





References: 


 >Get root privileges with NSTask (From: "Mr. Gecko" <email@hidden>)






    

  • Prev by Date:
Re: Get root privileges with NSTask

    • 

  • Next by Date:
Re: Updates in one split view pane causing other pane to redraw (on	Tiger): SOLVED

    • 

  • Previous by thread:
Re: Get root privileges with NSTask

    • 

  • Next by thread:
Re: Get root privileges with NSTask

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •