Re: Authorization.h
Re: Authorization.h
- Subject: Re: Authorization.h
- From: Julien Jalon <email@hidden>
- Date: Tue, 6 Nov 2001 02:39:26 +0100
I didn't see this one...
two comments :
Le vendredi 2 novembre 2001, ` 03:00 PM, Peter Sichel a icrit :
I don't believe you can directly. You need to wrap your function
into an executable tool, or execute a tool that makes your application
SUID root so you can execute it with root privileges. I've written
a tool to do the latter. When the application is run for the
first time, it displays a dialog like this:
IPNetMonitorX First Run
You must have administrator privileges to complete
the installation process. Please re-launch the application
after authenticating.
If the user authenticates, the application launches a unix
tool to make itself SUID root (actually, it makes a small
OpenICMP applet root which it then invokes to open ICMP sockets
and pass them back using BSD descriptor passing). In general
you don't want your entire application to run as root all the
time so you should either isolate the privileged operations to
a small applet, or raise and lower privileges like this:
I think it is very unlikely to make an application suid (see the Apple
problems with NetInfo Manager and co). Maybe a little tool but not an
application. (it seems it's what you have done...). Imagine your
application support plug-ins, the plug-ins can seteuid whenever they
want. And the frameworks are too big so they can provide many security
hole (like the Recent Items thing).
Now for my question:
I have an application that used to AuthorizationExecuteWithPrivileges
a unix shell script, but this seems to have stopped working around the
time I installed Apple's 10.1 security update. If I replace the shell
script with an executable image, it runs fine. Is this by design,
or is there some special attribute one can apply to execute a shell
script with privileges?
Hm... weird, DNSUpdate execute simple shell scripts with
AuthorizationExecuteWithPrivileges and it works fine under 10.1.
--Julien