• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Security - Write to protected directory
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security - Write to protected directory

  • Subject: Re: Security - Write to protected directory
  • From: Andrew Merenbach <email@hidden>
  • Date: Thu, 2 Oct 2008 21:41:30 -0700
Greetings, Kelly!

For this particular purpose, would it be possible to use a package (.pkg) installer? You can allow the user to choose between destinations, and such installers handle the authorization for you. If you intend to allow the content to be installed for the application from *within* said application, you could have the program download (if necessary) the package installer in the background, then simply launch it -- the user would go through the install process, the installer would terminate, and you'd be set. This saves you from having to write your own installer code, is more secure (IMHO), and may also be more future-proof. I quite clearly may have overlooked something, but this was the first thing that occurred to me.

I hope that this might help, at least a little!

Cheers,
	Andrew

On Oct 2, 2008, at 9:30 PM, Kelly Graus wrote:

Hi Bill,

Thanks for the response!

This is the intended functionality. We are allowing a user to install system-wide content to our application. We also have the ability for users to install content for a single user with admin privileges.

Kelly

On Oct 2, 2008, at 7:20 PM, Bill Bumgarner wrote:

On Oct 2, 2008, at 12:30 PM, Kelly Graus wrote:
Is the only way to allow a user to write to a protected location use the AuthorizationExecuteWithPrivileges function?
If so, is there a way to tell when the application has quit, and get the exit code?
If not, how would I go about getting sufficient privileges to write to protected locations?
Does using a setuid tool mess up the ability for a user to delete an application, assuming the setuid tool is imbedded in an application's bundle?

Thanks for any help! 

See Nick's response... it was helpful.

However -- I have a question:

What are you trying to do and what do you hope to gain by protecting the data in this fashion?

Specifically, going down this path means that any non-admin user will not be able to use whatever functionality in your application requires authorization.... is that intended?

b.bum 

_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >Security - Write to protected directory (From: Kelly Graus <email@hidden>)
 >Re: Security - Write to protected directory (From: Bill Bumgarner <email@hidden>)
 >Re: Security - Write to protected directory (From: Kelly Graus <email@hidden>)

  • Prev by Date: Re: Security - Write to protected directory
  • Next by Date: Re: Play Playlist in iTunes
  • Previous by thread: Re: Security - Write to protected directory
  • Next by thread: Re: Security - Write to protected directory
  • Index(es):
    • Date
    • Thread