A hack: using Security Framework to give your application administrator rights (at startup):
- Subject: A hack: using Security Framework to give your application administrator rights (at startup):
- From: Gerben Wierda <email@hidden>
- Date: Fri, 8 Mar 2002 23:01:21 +0100

On Friday, March 8, 2002, at 02:58 , Eric Peyton wrote:

> As answered before multiple times on both of these lists, No. You
> cannot raise the privilege level of a running application above the
> privilege level that application started with when launched. If an app
> is not launched by root or launched setuid root, it can *never* have
> root access.

I was not looking per se for an answer other than a workaround or
undocumented feature (I know the current SF cannot do it and the above
description sums up nicely what seteuid() can do, but there might be a
hack around that I do not know of, after all the kernel is able to do
with processes what it likes).

Personally, I had been thinking about using
AuthorizationExecuteWithPrivileges to replace my process with a
setuid-ed version of itself immediately after startup (i.e. when I start
the app, in main() first get authorization if needed, then start a
second copy of my app with the privileges and immediately exit the first
one). Would that work?

I tried it and it works (but only from PB). This starts the app by
running authentication (if needed) and then launches a second copy
instead of the current one. Too bad I cannot use execve myself and just
replace myself. The sleep time of 2 seconds may not be long enough for
slow or busy systems (I have no idea). I am posting this just so that
the basic hack is out.

I have one problem left, though. I would like to pass argv on to the new
process. If I do that in the call to AuthorizationExecuteWithPrivileges
below (replace args by argv) the app works inside PB but crashes outside
of it. Reason?

The hack is an adaptation of your default Cocoa app main.m:

//
//  main.m
//  II
//
//  Created by Gerben Wierda on Mon Feb 25 2002.
//  Copyright (c) 2002 Gerben Wierda. All rights reserved.
//

#include <sys/types.h>
#include <sys/wait.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#import <Cocoa/Cocoa.h>

#include <Security/Authorization.h>
#include <Security/AuthorizationTags.h>

static AuthorizationRef authorizationRef;

static BOOL authenticate(const char *command)
{
    AuthorizationItem items[1];
    OSStatus err = 0;

    // The authorization rights structure holds a reference to an array
    // of AuthorizationItem structures that represent the rights for which
    // you are requesting access.
    AuthorizationRights rights;
    AuthorizationFlags flags;

    // We'll be hanging onto the authorizationRef
    // and using it throughout the code samples
    authorizationRef = NULL;

    // We just want the user's current authorization environment,
    // so we aren't asking for any additional rights yet.
    rights.count = 0;
    rights.items = NULL;

    flags = kAuthorizationFlagDefaults;

    err = AuthorizationCreate(&rights, kAuthorizationEmptyEnvironment,
                              flags, &authorizationRef);
    if (err != errAuthorizationSuccess) return NO;

    // There should be one item in the AuthorizationItems array for each
    // right you want to acquire.
    // The data in the value and valueLength is dependent on which right you
    // want to acquire.
    // For the right to execute tools as root, kAuthorizationRightExecute,
    // they should hold a pointer to a C string containing the path to
    // the tool you want to execute, and the length of the C string path.
    // There needs to be one item for each tool you want to execute.
    items[0].name = kAuthorizationRightExecute;
    items[0].value = (char *)command;
    items[0].valueLength = strlen(command);
    items[0].flags = 0;

    rights.count = 1;
    rights.items = items;

    flags = kAuthorizationFlagInteractionAllowed |
            kAuthorizationFlagExtendRights;

    // Since we've specified kAuthorizationFlagExtendRights and
    // have specified kAuthorizationFlagInteractionAllowed, if the
    // user isn't currently authorized to execute tools as root,
    // they will be asked for a password; if the right is not granted,
    // err will indicate an authorization failure.
    err = AuthorizationCopyRights(authorizationRef, &rights,
                                  kAuthorizationEmptyEnvironment,
                                  flags, NULL);

    return (errAuthorizationSuccess == err);
}

int main(int argc, const char *argv[])
{
    if (geteuid() != 0) {
        // Not root yet: ask for the right to execute ourselves as root.
        if (authenticate(argv[0])) {
            OSStatus err = 0;
            // The arguments array holds only the arguments for the tool;
            // the tool path is passed separately, so the list is empty
            // and NULL-terminated.
            char *const args[] = { NULL };

            err = AuthorizationExecuteWithPrivileges(authorizationRef,
                                                     argv[0], 0, args, NULL);
            // Give the privileged copy time to start before this one exits.
            sleep(2);
            return err;
        }
        else {
            fprintf(stderr, "Program not authenticated\n");
            return 1;
        }
    }
    else {
        // Already running as root: start the application normally.
        return NSApplicationMain(argc, argv);
    }
}
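
The main() above hands argv[0] to both kAuthorizationRightExecute and AuthorizationExecuteWithPrivileges, and argv[0] is whatever the launching process chose to put there. The following is an added example, not part of the original post: a pre-check in plain POSIX C that could run before authenticate(). The helper name vet_relaunch_target and its acceptance rules are assumptions made for illustration.

```c
#define _XOPEN_SOURCE 700
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not part of the Security framework.
 * Resolves `path` to a canonical absolute path in `resolved` (PATH_MAX
 * bytes) and accepts it only if it is a regular executable file, owned by
 * root or by the calling user, that group and others cannot write.
 * Returns 0 if the target is acceptable, -1 otherwise. */
int vet_relaunch_target(const char *path, char *resolved)
{
    struct stat st;

    if (path == NULL || strchr(path, '/') == NULL)
        return -1;              /* bare name: meaning depends on cwd or PATH */
    if (realpath(path, resolved) == NULL)
        return -1;              /* missing, or symlinks cannot be resolved */
    if (stat(resolved, &st) != 0 || !S_ISREG(st.st_mode))
        return -1;              /* not a regular file */
    if (st.st_uid != 0 && st.st_uid != getuid())
        return -1;              /* owned by some other account */
    if (st.st_mode & (S_IWGRP | S_IWOTH))
        return -1;              /* other users could replace the contents */
    if (!(st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH)))
        return -1;              /* no execute bit set at all */
    return 0;
}

/* Stand-alone demonstration: vet our own argv[0]. */
int main(int argc, char *argv[])
{
    char resolved[PATH_MAX];

    (void)argc;
    if (vet_relaunch_target(argv[0], resolved) != 0) {
        fprintf(stderr, "refusing to relaunch %s with privileges\n", argv[0]);
        return 1;
    }
    printf("would authorize and relaunch: %s\n", resolved);
    return 0;
}
```

The resolved path, not argv[0], is what would then be passed on. The file can still change between this check and the privileged launch, so the check narrows the exposure without closing it.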