• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Authorization.h
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Authorization.h

  • Subject: Re: Authorization.h
  • From: Eric Peyton <email@hidden>
  • Date: Tue, 6 Nov 2001 12:56:30 -0600
The proposed solution for this is to launch your own tool via AEWP instead of some standard unix tool. Your tool can then launch the unix tool, do it's work via fork() exec() etc. as root and then return a message to the launching application that this has all succeeded. It is not at all difficult to implement and has some very distinct advantage. The only down side I can see is a little more code on your part ...

Eric

On Tuesday, November 6, 2001, at 12:26 AM, Charles Srstka wrote:

The annoying thing about AuthorizationExecuteWithPrivileges is that there is apparently no way to make your program wait for the tool to exit before continuing! This can make things very difficult sometimes...

On Monday, November 5, 2001, at 07:39 PM, Julien Jalon wrote:

I didn't see this one...
two comments :

Le vendredi 2 novembre 2001, ` 03:00 PM, Peter Sichel a icrit :
I don't believe you can directly. You need to wrap your function
into an executable tool, or execute a tool that makes your application
SUID root so you can execute it with root privileges. I've written
a tool to do the latter. When the application is run for the
first time, it displays a dialog like this:

IPNetMonitorX First Run

You must have administrator privileges to complete
the installation process. Please re-launch the application
after authenticating.

If the user authenticates, the application launches a unix
tool to make itself SUID root (actually, it makes a small
OpenICMP applet root which it then invokes to open ICMP sockets
and pass them back using BSD descriptor passing). In general
you don't want your entire application to run as root all the
time so you should either isolate the privileged operations to
a small applet, or raise and lower privileges like this:


I think it is very unlikely to make an application suid (see the Apple problems with NetInfo Manager and co). Maybe a little tool but not an application. (it seems it's what you have done...). Imagine your application support plug-ins, the plug-ins can seteuid whenever they want. And the frameworks are too big so they can provide many security hole (like the Recent Items thing).


Now for my question:

I have an application that used to AuthorizationExecuteWithPrivileges
a unix shell script, but this seems to have stopped working around the
time I installed Apple's 10.1 security update. If I replace the shell
script with an executable image, it runs fine. Is this by design,
or is there some special attribute one can apply to execute a shell
script with privileges?


Hm... weird, DNSUpdate execute simple shell scripts with AuthorizationExecuteWithPrivileges and it works fine under 10.1.

--Julien
_______________________________________________
cocoa-dev mailing list
email@hidden
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
_______________________________________________
cocoa-dev mailing list
email@hidden
http://www.lists.apple.com/mailman/listinfo/cocoa-dev

References: 
 >Re: Authorization.h (From: Charles Srstka <email@hidden>)

  • Prev by Date: Re: Authorization.h
  • Next by Date: NSCoding oddity
  • Previous by thread: Re: Authorization.h
  • Next by thread: Re: Authorization.h
  • Index(es):
    • Date
    • Thread