Re: How to exec a subtool as root
Re: How to exec a subtool as root
- Subject: Re: How to exec a subtool as root
- From: Vince DeMarco <email@hidden>
- Date: Tue, 21 Jan 2003 22:20:21 -0800
On Tuesday, January 21, 2003, at 08:46 PM, Jim Correia wrote:
On Tuesday, January 21, 2003, at 11:33 PM, Vince DeMarco wrote:
Use the Authorization code in the Security Framework to do this. You
should not ship the tool as a setuid process.
look at AuthorizationExecuteWithPrivileges()
This recommendation seems counter the current docs and the info
disseminated at WWDC.
<http://developer.apple.com/techpubs/macosx/CoreTechnologies/
securityservices/authorizationservices/authorization_ref/
01authref_ref/function_group_4.html>
This function poses a security concern because it will
indiscriminately run any tool or application, severely increasing the
security risk. You should avoid the use of this function if possible.
One alternative is to split your code into two partsthe application
and a setuid tool. The application invokes the setuid tool using
standard methods. The setuid tool can then perform the privileged
operations. If the tool loses its setuid bit, use the
AuthorizationExecuteWithPrivileges function to repair it.
but if you just use the Auth.. stuff to repair it you end up with
exactly the same problem, you will indiscriminately give a command line
tool setuid access. I read the documentation as you should be careful.
by making the tool setuid, you will need root access to install your
application, you will also need an installer to get your application
installed.
What you can do is make sure that you are running the correct tool, by
checking if its the correct executable, (using a md5 hash of the
executable etc....)
Its a difficult problem.
vince
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.