Re: Authorization.h
Re: Authorization.h
- Subject: Re: Authorization.h
- From: Eric Peyton <email@hidden>
- Date: Fri, 2 Nov 2001 07:46:22 -0600
On Friday, November 2, 2001, at 03:06 AM, Josh M. Hurd wrote:
How can I use the Security framework (Authorization.h) to
'executeWithPrivileges' a function or method call instead of an
executable?
You can't.
I suggest you read the copious number of emails regarding this exact
issue going back over the last 6-9 months on this list and the omnigroup
list (email@hidden). This question (and variants upon it)
have been asked numerous times.
Pertinent notes.
) A non-root application cannot in any way switch to being root, do
something and then switch back. You need to be root first (run by root
or setuid(root)). Therefore, you cannot execute one function or method
as root. This is a design of the operating system.
) executeWithPrivileges has a lot of features and drawbacks. Many of
these emails cover them in depth.
) To do what you want, you will most likely need to create another
binary with the correct "function" or "method" and associated data,
launch that binary using AuthorizationExecuteWithPrivileges, then open a
communication channel between your application and the launched
application (ports, sockets, DO, mach messages, voodoo, mind reading -
pick your favorite protocol - I usually use DO), share information, do
x,y and z as root, and then quit the launched binary.
Eric
Thanks,
M
_______________________________________________
cocoa-dev mailing list
email@hidden
http://www.lists.apple.com/mailman/listinfo/cocoa-dev