Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: "First Run" installation of Application support stuff?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "First Run" installation of Application support stuff?

Subject: Re: "First Run" installation of Application support stuff?
From: "Peter Sichel" <email@hidden>
Date: Thu, 19 Dec 2002 16:29:01 -0500

>Couldn't you just copy the applet from your .app bundle to /tmp
>whenever you run, and delete it when you quit? This way you don't need
>to worry about permissions (/tmp is guaranteed everyone-readwrite,
>correct?) Why do you need write access on an applet anyways?

One of the reasons for isolating functions in an applet is to
isolate root privileges to as little code as possible.

How does the applet acquire root privileges?

(A) Have the application ask the user every time?

(B) Be set to SUID root at "first run installation time"

I would argue that (B) is less intrusive and more secure than
(A) which trains the user to casually authenticate applications.

- Peter
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.

Follow-Ups:
- Re: "First Run" installation of Application support stuff?
  - From: Sheehan Olver <email@hidden>

References:
	>Re: "First Run" installation of Application support stuff? (From: Sheehan Olver <email@hidden>)

Prev by Date: Re: Newbie NSWindow question
Next by Date: ANN: PyObjC 0.8 released
Previous by thread: Re: "First Run" installation of Application support stuff?
Next by thread: Re: "First Run" installation of Application support stuff?
Index(es):
- Date
- Thread