Lists

Open Menu Close Menu

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: sudoing into root

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: sudoing into root

Subject: Re: sudoing into root
From: Christopher Nebel <email@hidden>
Date: Sun, 23 May 2004 20:15:34 -0700

On May 23, 2004, at 3:00 AM, Axel Luttgens wrote:

Would be interesting to know how exactly the 'do shell script ... with administrator privileges' is implemented, and what are its relationships with authorization services and sudo.

Currently, 'do shell script "x" with administrator privileges' gets turned into this [1]:

sh -c 'echo password | sudo -S x'

If you don't supply the password in the command itself, you get a dialog asking for it.

However, this is bogus in at least three ways that I can think of off the top of my head, and it's all being rewritten to use the Security APIs instead of sudo(8) -- coming to a Future Release near you.

--Chris Nebel
AppleScript Engineering

[1] Technically, it calls execve("/bin/sh", { "sh", "-c", "echo password | sudo -p \"\" -S x" }, *(_NSGetEnviron())).
_______________________________________________
applescript-users mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/applescript-users
Do not post admin requests to the list. They will be ignored.

Follow-Ups:
- Re: sudoing into root
  - From: Axel Luttgens <email@hidden>

References:
	>sudoing into root (From: Gnarlodious <email@hidden>)
	>Re: sudoing into root (From: Axel Luttgens <email@hidden>)

Prev by Date: Re: excel 2004 chart question
Next by Date: Re: (OT) Unsafe handlers revisited - Now Fixed
Previous by thread: Re: sudoing into root
Next by thread: Re: sudoing into root
Index(es):
- Date
- Thread