• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Using Security framework to get root auth for running app.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using Security framework to get root auth for running app.

  • Subject: Re: Using Security framework to get root auth for running app.
  • From: Steven Palm <email@hidden>
  • Date: Wed, 15 Dec 2004 14:30:53 -0600

On Dec 15, 2004, at 3:03 PM, email@hidden wrote:
On Dec 15, 2004, at 2:16 PM, email@hidden wrote:
Darn. I was hoping that would not be the case.
Question then, can I set /Applications/SomeApp.app as the toolpath? or
can
I only launch command line tools? 

  Part of the issue here is that when you would make your application
run as root, you would also be then granting root level access to all
libraries and frameworks you are using, which is relatively speaking a
HUGE security hole over putting specific bits of functionality in a
standalone and limited helper tool.

  Take the functions that must be performed as root and wrap them in a
helper tool, and have your application call this tool, passing the
authorization reference along with the command to perform. You'll be
happy you did, really, even though it's extra work.

Explained this way it makes a little more sense. I guess Im just
concerned that I'll have to re authorize the commandline tool for each
file that needs removal which would be tedious. Anyway. Back to the books
I suppose.

What you can do is use the sample as shown in AuthSample and MoreAuth which show the process of having a command line tool repair itself... That way, they have to authorize the first time so the tool can repair itself, but then (if you like) subsequent attempts do not need new authorization. I'd suggest also possibly setting up a custom right or rights for the operations you want to perform, and then you can change the timeout value to be whatever you want (including unlimited) so that once they authorize once upon application startup, they don't need to do it again until they quit the program. There are lots of options, I think it's quite flexible. Check out the AuthSample and MoreAuth examples over at Apple's site.

 Steve


_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden






References: 


 >Using Security framework to get root auth for running app. (From: email@hidden)


 >Re: Using Security framework to get root auth for running app. (From: Nick Zitzmann <email@hidden>)


 >Re: Using Security framework to get root auth for running app. (From: email@hidden)


 >Re: Using Security framework to get root auth for running app. (From: Steven Palm <email@hidden>)


 >Re: Using Security framework to get root auth for running app. (From: email@hidden)






    

  • Prev by Date:
Re: Programatically resizing a window

    • 

  • Next by Date:
Re: Using Security framework to get root auth for running app.

    • 

  • Previous by thread:
Re: Using Security framework to get root auth for running app.

    • 

  • Next by thread:
Re: Using Security framework to get root auth for running app.

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •