Re: Admin programs and password
Re: Admin programs and password
- Subject: Re: Admin programs and password
- From: "Andre John Mas" <email@hidden>
- Date: Tue, 7 Aug 2001 14:18:03 -0400
The issue I am worrying about is that of an application caching
the password or 'sharing it' with another computer - I can
imagine a trojan horse style application, or a unscrupulous
'patch'. Sure this does stink of paranoia on my part, but the
real reason is that I would rather catch a security problem
before it becomes a problem.
Thinking about running such an application in a root environment
would probably have just as much potential for damage, so I
suppose I am just worrying about nothing.
Andre
Eric Peyton wrote:
>
This depends greatly on the application.
>
>
Most of the OS X applications that do this rely on the Security
>
framework, where the panel is supplied by the Security Server and
>
which provides a session authorization key.
>
>
Some applications (NetInfo Manager, Disk Utility, etc.) currently
>
use the older NetInfoKit authentication panel and are still
>
setuid(root). These applications present the panel themselves.
>
>
What issues are you worried about?