Re: DO and authentication
Re: DO and authentication
- Subject: Re: DO and authentication
- From: Jason Bobier <email@hidden>
- Date: Fri, 4 Jan 2002 01:26:08 -0800
Hey Charles,
The best way that I've found to do this so far is to pass the task port
to your tool using an NSPort. You can then check the credentials of the
task.
This isn't a great workaround, but it does work.
Jason
On Thursday, January 3, 2002, at 06:45 PM, cocoa-dev-
email@hidden wrote:
Message: 12
Date: Thu, 3 Jan 2002 20:32:39 -0600
Subject: DO and authentication
From: Charles Srstka <email@hidden>
To: email@hidden
I have a program that uses a Foundation tool to do things as root. I'm
making the main program communicate with the tool using DO. I've read
what documentation I could find on authenticating messages via DO, but
I'm still wondering what is a good way to verify the identity of the
client. Perhaps I'm just being paranoid, but I just want to make sure
some other app doesn't start using my tool while I am running it, and
doing nasty stuff with root access. By searching the archives and
elsewhere, I've found information on how to authenticate messages, but I
have not found anything on a good method to verify the identity of the
message sender. Anyone know a good way to do this? I am a newbie in most
things security-related...
Thanks,
Charles
--
Jason A. Bobier
email@hidden
Tech Lead, PGP Macintosh Products
http://www.prismatix.com/
Network Associates, Inc. Nothing's constant
PGPKey: <
http://keys.pgp.com:11371/pks/lookup?op=get&search=0xF6F83318>
Fingerprint: 7809 7E6E BCCA 903D 4618 9740 EB10 9DF9 F6F8 3318