Re: State of performing tasks with elevated privileges
Re: State of performing tasks with elevated privileges
- Subject: Re: State of performing tasks with elevated privileges
- From: Nick Zitzmann <email@hidden>
- Date: Tue, 10 Mar 2009 11:45:11 -0600
On Mar 10, 2009, at 10:39 AM, Sidney San Martín wrote:
I can make a helper tool that I call with
AuthorizationExecuteWithPrivileges. I already have this working, but
it's vulnerable to attack (if the helper binary is replaced)
Yes, but the chances of that happening are very, very low unless the
same user who installed the application also installed some malware
that intentionally targeted your app. If that's a concern to you, then
you could check a checksum or some other signature before invoking AEWP
(). But keep in mind that (1) malware of any kind on Mac OS X is very
rare to nonexistent, and (2) you cannot stop a very determined
attacker; you can make it more difficult to discourage the less
determined, but not impossible.
and
apparently has poorly-documented caveats (needing to reap the process
when it's done executing, for one, which is something else I've never
done).
Well, you don't _need_ to reap the zombies if you don't want to. It'll
just look strange in Activity Monitor, and will waste a little RAM
until the parent task exits.
Nick Zitzmann
<http://www.chronosnet.com/>
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden