Security framework: I'm dead
Security framework: I'm dead
- Subject: Security framework: I'm dead
- From: Stéphane Sudre <email@hidden>
- Date: Wed, 11 Jul 2001 12:49:28 +0200
I've been explained the Security Framework policy by a really patient
guy but I don't find any application of it in Mac OS X.
For instance in the Network Panel,
1] if I'm an admin user: I can always change the network settings even
if I lock the panel. Just quit the System Preferences and launch it anew
to get access.
2] if I'm a casual user: I can't change the network settings but I can
get the rights through a admin privilege dialog. If I quit and come back
I have not the privilege anymore.
Case 2 seems to use the Security Framework and seems correct.
Case 1 seems to use the admin rights of the user (not the Security
Framework) (I wait a lot after the login panel not to be affected by the
security bug of the login panel which keeps authorization on for a
while). And it's not secure at all. Why - when I lock the panel - can I
get access to it without entering a password ?
It's a complete mess (both in the OS and in my mind).
Case 1 should be according to my bozo brain:
An admin user opens the Network Panel for the first time ever.
The panel is not locked.
This user locks the panel and quits System Preferences.
He opens the Network Panel again.
The panel should be locked.
He logouts (new verb)
Another admin user logins (another new verb)
He opens the Network Panel.
The panel should be locked.
He unlocks it.
He quits System Preferences.
He opens the Network Panel.
The panel is not locked.
--------
Case 1 from the Security Framework point of view as I understand it:
An admin user opens the Network Panel
The panel is locked and you need to enter your password. (Is it useful
to be an admin then ?)