Re: Authorization.h
Re: Authorization.h
- Subject: Re: Authorization.h
- From: Eric Peyton <email@hidden>
- Date: Tue, 6 Nov 2001 12:56:30 -0600
The proposed solution for this is to launch your own tool via AEWP
instead of some standard unix tool. Your tool can then launch the unix
tool, do it's work via fork() exec() etc. as root and then return a
message to the launching application that this has all succeeded. It is
not at all difficult to implement and has some very distinct advantage.
The only down side I can see is a little more code on your part ...
Eric
On Tuesday, November 6, 2001, at 12:26 AM, Charles Srstka wrote:
The annoying thing about AuthorizationExecuteWithPrivileges is that
there is apparently no way to make your program wait for the tool to
exit before continuing! This can make things very difficult sometimes...
On Monday, November 5, 2001, at 07:39 PM, Julien Jalon wrote:
I didn't see this one...
two comments :
Le vendredi 2 novembre 2001, ` 03:00 PM, Peter Sichel a icrit :
I don't believe you can directly. You need to wrap your function
into an executable tool, or execute a tool that makes your application
SUID root so you can execute it with root privileges. I've written
a tool to do the latter. When the application is run for the
first time, it displays a dialog like this:
IPNetMonitorX First Run
You must have administrator privileges to complete
the installation process. Please re-launch the application
after authenticating.
If the user authenticates, the application launches a unix
tool to make itself SUID root (actually, it makes a small
OpenICMP applet root which it then invokes to open ICMP sockets
and pass them back using BSD descriptor passing). In general
you don't want your entire application to run as root all the
time so you should either isolate the privileged operations to
a small applet, or raise and lower privileges like this:
I think it is very unlikely to make an application suid (see the Apple
problems with NetInfo Manager and co). Maybe a little tool but not an
application. (it seems it's what you have done...). Imagine your
application support plug-ins, the plug-ins can seteuid whenever they
want. And the frameworks are too big so they can provide many security
hole (like the Recent Items thing).
Now for my question:
I have an application that used to AuthorizationExecuteWithPrivileges
a unix shell script, but this seems to have stopped working around the
time I installed Apple's 10.1 security update. If I replace the shell
script with an executable image, it runs fine. Is this by design,
or is there some special attribute one can apply to execute a shell
script with privileges?
Hm... weird, DNSUpdate execute simple shell scripts with
AuthorizationExecuteWithPrivileges and it works fine under 10.1.
--Julien
_______________________________________________
cocoa-dev mailing list
email@hidden
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
_______________________________________________
cocoa-dev mailing list
email@hidden
http://www.lists.apple.com/mailman/listinfo/cocoa-dev