• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Authorized operations
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Authorized operations

  • Subject: Re: Authorized operations
  • From: Nick Zitzmann <email@hidden>
  • Date: Sat, 16 Aug 2003 17:57:50 -0700
On Saturday, August 16, 2003, at 03:25 AM, Thomas Davie wrote:

I'm currently writing a small cocoa app that needs to be able to run various tools as root. I have a self-repairing helper tool that seems to get authorized correctly - I have a couple of logging statements in there that inform me that the UID after authorizing is 0. My problem is then running the tools that I need - One of the tools I need to run is crontab -l {user}, however if I run a new task from my helper app it is run as the logged in user, not as root (because when you setuid only your effective uid becomes root and your real uid remains as the logged in user, meaning that if you run a new task it's effective uid becomes the logged in user). How can I get crontab to run as root?

As you've probably discovered by now, AEWP() executes applications and gives them root privileges, but it does not actually run them _as_ root. AFAIK, there is no way to do this programmatically with the Security framework right now; however, there's a workaround.

What you need to do is compile this as "reuidwrapper":

#include <unistd.h>

main(int argc, char *argv[], char *envp[])
{
int euid;

euid = geteuid();
setuid(euid);

setpgrp(0, setsid());

execve(argv[1], &argv[1], envp);
}

Then have the AEWP() call run this reuidwrapper as its executable, with the program you want to run as the first argument, followed by that program's arguments... That ought to work.

Nick Zitzmann
AIM/iChat: dragonsdontsleep
Check out my software page: http://seiryu.home.comcast.net/

"I have always wished that my computer would be as easy to use as my telephone. My wish has come true. I no longer know how to use my telephone." - Bjarne Stroustrup
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.
  • Prev by Date: Re: Dynamic menu building
  • Next by Date: Re: Backwards compatibility
  • Previous by thread: Authorized operations
  • Next by thread: splitview sizing question
  • Index(es):
    • Date
    • Thread