Re: Fun with AuthorizationExecuteWithPrivileges...
Re: Fun with AuthorizationExecuteWithPrivileges...
- Subject: Re: Fun with AuthorizationExecuteWithPrivileges...
- From: Lloyd Sargent <email@hidden>
- Date: Tue, 14 Aug 2001 15:45:23 -0500
On Tuesday, August 14, 2001, at 09:20 AM, Andreas Monitzer wrote:
On Tuesday, August 14, 2001, at 12:15 , j o a r wrote:
On Tuesday, August 14, 2001, at 02:19 , Andreas Monitzer wrote:
Yes, you and everybody else is missing a good API. The only known way
of
doing this is to get the PID of the created process via the pipe (or
some lock-file) and call /bin/kill via the security API (requires
another authorization).
I'm doing this another way around - and would love a comment on my
approach.
I create a run loop in my tool, and a DO connection to the main
program.
When I wan the tool to quit, I invalidate the NSConnection that ties
the
two together. This causes the run loop in the tool to quit, and hence
the
tool terminate.
In this way I can communicate with the tools using "normal" method
calls
through DO, and I don't have to fiddle with the pipe at all (I tried
the
manpages for stdio, but found them confusing).
Is this OK to do?
This is definitely ok, but it was too much hassle for me to get into
(since my tool was separate, already available code in pure C).
Another approach would be to use NSDistributedNotificationCenter, which
works fine in CF, too. However, these messages can be generated and
eavesdropped by every process on the machine, so it's not really secure.
andy
Okay, well this gets into another question - at what level does the DO
method execute? At the level of the caller (who is not running
"authorized") or the tool (which is running as "authorized")?
I would ASSUME it would be at the tool level and hence the method
executing is also authorized... But I may be ASSUMING too much here...
Cheers,
Lloyd
-----
Canna Software Development
"while (!dead) [self beat_horse];" anon