Re: Security framework question
Re: Security framework question
- Subject: Re: Security framework question
- From: Ed Silva <email@hidden>
- Date: Tue, 10 Jul 2001 16:23:29 -0700
Well, after some digging I found that keeping a tool in the App bundle isn'
t the only way to do it.
It turns out that if you make the application binary (ie:
MyApp.app/Contents/MacOS/MyApp) sutuid root it works just fine. The way I
figured this out was by looking at NetInfo Manager.app:
-rwsrwxr-x 1 root admin 175944 Jun 21 14:45 NetInfo Manager*
This seems much more reasonable to me than creating a separate tool to do
the job, but I wonder if there are security consequences.
Any thoughts (good or bad) on a setuid root app binary?
On Monday, July 9, 2001, at 07:28 PM, Brian Hill wrote:
On Monday, July 9, 2001, at 08:03 PM, Ed Silva wrote:
I have been thinking that I could make a tool to do the real work
(creating the dir, writing files, etc) and use the security framework to
call that, but that seems like such a hack that I really want to find a
better way to do this.
Any ideas? Am I missing something here?
Nope. That's what you have to do -- put it in a tool and use the
functions in the Security framework to run it.
Brian
email@hidden http://personalpages.tds.net/~brian_hill
������������������������������������������������������
"Why? I came into this game for adventure - go anywhere, travel
light, get in, get out, wherever there's trouble, a man alone.
Now they've got the whole country sectioned off and you can't
move without a form. I'm the last of a breed."
-- Archibald "Harry" Tuttle, Rogue HVAC Repairman
������������������������������������������������������
Cheers,
--Ed