Lists

Open Menu Close Menu

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: Authorization.h

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Authorization.h

Subject: Re: Authorization.h
From: Eric Peyton <email@hidden>
Date: Fri, 2 Nov 2001 14:32:13 -0600

On Friday, November 2, 2001, at 02:16 PM, Josh M. Hurd wrote:

Actually I did spend about two hours reading the archives but was hoping that something had changed or someone knew a trick that wasn't mentioned there. I knew someone would come back and tell me to read the archives, thanks for being consistent! And thanks for the other suggestions too! Unfortunately I know little about inter-app communications, guess it's time to learn...

Look at some simple DO apps (read the class docs on NSConnection). I whipped up my first app like this in about 30 minutes. It's really very easy.

So is this a BSD thing / a limitation of the underlying OS

It is a feature of the underlying OS, definitely NOT a limitation.

or is this something that Apple just hasn't gotten to? Are there any plans on changing this?

No. I do not believe there are any plans to even think about changing this.

Eric

Thanks for the help!

M

On Friday, November 2, 2001, at 05:46 AM, Eric Peyton wrote:

On Friday, November 2, 2001, at 03:06 AM, Josh M. Hurd wrote:

How can I use the Security framework (Authorization.h) to 'executeWithPrivileges' a function or method call instead of an executable?

You can't.

I suggest you read the copious number of emails regarding this exact issue going back over the last 6-9 months on this list and the omnigroup list (email@hidden). This question (and variants upon it) have been asked numerous times.

Pertinent notes.

) A non-root application cannot in any way switch to being root, do something and then switch back. You need to be root first (run by root or setuid(root)). Therefore, you cannot execute one function or method as root. This is a design of the operating system.

) executeWithPrivileges has a lot of features and drawbacks. Many of these emails cover them in depth.

) To do what you want, you will most likely need to create another binary with the correct "function" or "method" and associated data, launch that binary using AuthorizationExecuteWithPrivileges, then open a communication channel between your application and the launched application (ports, sockets, DO, mach messages, voodoo, mind reading - pick your favorite protocol - I usually use DO), share information, do x,y and z as root, and then quit the launched binary.

Eric

Thanks,

M
_______________________________________________
cocoa-dev mailing list
email@hidden
http://www.lists.apple.com/mailman/listinfo/cocoa-dev

_______________________________________________
cocoa-dev mailing list
email@hidden
http://www.lists.apple.com/mailman/listinfo/cocoa-dev

_______________________________________________
cocoa-dev mailing list
email@hidden
http://www.lists.apple.com/mailman/listinfo/cocoa-dev

Follow-Ups:
- Re: Authorization.h
  - From: "Josh M. Hurd" <email@hidden>
- Re: Authorization.h
  - From: Finlay Dobbie <email@hidden>

References:
	>Re: Authorization.h (From: "Josh M. Hurd" <email@hidden>)

Prev by Date: How to set attibutes for NSString's drawInRect: withAttributes?
Next by Date: Re: New to cocoa and Interface Builder
Previous by thread: Re: Authorization.h
Next by thread: Re: Authorization.h
Index(es):
- Date
- Thread