Re: Root User
Re: Root User
- Subject: Re: Root User
- From: Luther Fuller <email@hidden>
- Date: Fri, 28 Mar 2014 11:12:48 -0500
On Mar 28, 2014, at 2:17 AM, Ron Hunsinger wrote: Asking for a username and password, and then checking them for validity in a separate step, is very definitely the WRONG WAY TO DO ITâ„¢. Your script should never see an actual password. Exposing a password in the clear like that would be a huge security violation.
What you can do is invoke
do shell script ... with administrator privileges
When you do that, the system will put up an authentication dialog, securely collect a username and password, and without telling you the password determine whether it is correct. If it is correct, the supplied script will be executed with root privileges. (Not admin privileges, despite the name. Actual root privileges. As such, the script need not and should not invoke sudo.)
I agree, but my problem is that I don't have a command that I want to use this way. I just want the script to continue only if a username and password is supplied. So I gave up on this.
Until I thought of doing something like this ...
try do shell script "sw_vers" with administrator privileges on error beep return end try display dialog "Continue"
If the correct username-password is NOT entered into the dialog, an error occurs and the script stops at the 'return' line. If the correct username-password is entered, then the text returned by the 'sw_vers' command is simply ignored and the script continues.
Thanks for the hint !
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
AppleScript-Users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
Archives: http://lists.apple.com/archives/applescript-users
This email sent to email@hidden