• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Security framework question
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security framework question

  • Subject: Re: Security framework question
  • From: Scott Anguish <email@hidden>
  • Date: Wed, 11 Jul 2001 04:53:03 -0400
On Tuesday, July 10, 2001, at 07:23 PM, Ed Silva wrote:

It turns out that if you make the application binary (ie: MyApp.app/Contents/MacOS/MyApp) sutuid root it works just fine. The way I figured this out was by looking at NetInfo Manager.app:

-rwsrwxr-x 1 root admin 175944 Jun 21 14:45 NetInfo Manager*

This seems much more reasonable to me than creating a separate tool to do the job, but I wonder if there are security consequences.

It is very bad.. horribly bad... like, don't do it bad.

If the app is setuid root, ANYTHING the app does will be done as root. files saved, permissions for delete and everything else.

Anything your app can do, or executes is done as root.

Terrible, horrible bad thing to do. The NetInfo Manager does it is a bit of a requirement for the app.

There is no need to go this way, and use of your app will be extremely limited if you choose to go this way..

Bad mojo.. very..

Am I getting my concerns across? :-)

  • Follow-Ups:
    • Re: Security framework question
      • From: Ed Silva <email@hidden>
References: 
 >Re: Security framework question (From: Ed Silva <email@hidden>)

  • Prev by Date: setEditable:FALSE not firing? Or am I doing something I shouldn't?
  • Next by Date: Adding/removing menu entries
  • Previous by thread: Re: Security framework question
  • Next by thread: Re: Security framework question
  • Index(es):
    • Date
    • Thread