• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Authorization.h
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Authorization.h

  • Subject: Re: Authorization.h
  • From: "Josh M. Hurd" <email@hidden>
  • Date: Fri, 2 Nov 2001 12:16:22 -0800
Actually I did spend about two hours reading the archives but was hoping that something had changed or someone knew a trick that wasn't mentioned there. I knew someone would come back and tell me to read the archives, thanks for being consistent! And thanks for the other suggestions too! Unfortunately I know little about inter-app communications, guess it's time to learn...

So is this a BSD thing / a limitation of the underlying OS or is this something that Apple just hasn't gotten to? Are there any plans on changing this?

Thanks for the help!

M

On Friday, November 2, 2001, at 05:46 AM, Eric Peyton wrote:

On Friday, November 2, 2001, at 03:06 AM, Josh M. Hurd wrote:

How can I use the Security framework (Authorization.h) to 'executeWithPrivileges' a function or method call instead of an executable?


You can't.

I suggest you read the copious number of emails regarding this exact issue going back over the last 6-9 months on this list and the omnigroup list (email@hidden). This question (and variants upon it) have been asked numerous times.

Pertinent notes.

) A non-root application cannot in any way switch to being root, do something and then switch back. You need to be root first (run by root or setuid(root)). Therefore, you cannot execute one function or method as root. This is a design of the operating system.

) executeWithPrivileges has a lot of features and drawbacks. Many of these emails cover them in depth.

) To do what you want, you will most likely need to create another binary with the correct "function" or "method" and associated data, launch that binary using AuthorizationExecuteWithPrivileges, then open a communication channel between your application and the launched application (ports, sockets, DO, mach messages, voodoo, mind reading - pick your favorite protocol - I usually use DO), share information, do x,y and z as root, and then quit the launched binary.

Eric

Thanks,

M
_______________________________________________
cocoa-dev mailing list
email@hidden
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
_______________________________________________
cocoa-dev mailing list
email@hidden
http://www.lists.apple.com/mailman/listinfo/cocoa-dev

  • Follow-Ups:
    • Re: Authorization.h
      • From: Eric Peyton <email@hidden>
References: 
 >Re: Authorization.h (From: Eric Peyton <email@hidden>)

  • Prev by Date: New to cocoa and Interface Builder
  • Next by Date: How to set attibutes for NSString's drawInRect: withAttributes?
  • Previous by thread: Re: Authorization.h
  • Next by thread: Re: Authorization.h
  • Index(es):
    • Date
    • Thread