Transferring authorization rights
Transferring authorization rights
- Subject: Transferring authorization rights
- From: Hamish Allan <email@hidden>
- Date: Mon, 3 Mar 2003 12:45:29 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
As I have mentioned previously, I am intending to write a "click the
lock to make/prevent changes" widget which I believe would be useful to
anyone who wants to expose a daemon's configuration through System
Preferences.
The authorization framework seems a little heavyweight to me, and in
order to make the widget as re-usable by as many people as possible
(including beginners like me!) I want to minimise its configuration
requirements. In most situations, I believe that all the developer
probably wants to is to authorize a shared prefs file being written.
So, to avoid having to write a separate tool and md5sum-check it, all I
want is to use /usr/libexec/authopen with:
sys.openfile.readwritecreate./Library/Preferences/
com.frontcompany.MyApp.plist
However, in order to sync authorization with the rest of the System
Preferences, I really want to use the "system.preferences" right.
So what I'm wondering is, is it possible to gain the "sys.openfile..."
right by virtue of having the "system.preferences" right?
I know it sounds like what I'm asking for is a gaping security hole,
but not necessarily any more so than 'sudo su'. Does anyone know if
it's possible?
Many thanks,
Hamish
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (Darwin)
iD8DBQE+Y05y6gc2d//pELYRAneGAKCjnzUvKxIoYhpl+JKlGdjlz4smwwCdEFq9
aFrNR17UZL9pWWHFTXqQOkw=
=JPRf
-----END PGP SIGNATURE-----
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.