Re: authopen or not
- Subject: Re: authopen or not
- From: Finlay Dobbie <email@hidden>
- Date: Sat, 24 Jul 2004 15:52:01 +0100
On 24 Jul 2004, at 13:48, Gerriet M. Denkmann wrote:
> Currently this app is setuid root, which is necessary in order to make
> the open() work.
> But the fine (or fucking?) manuals tell me that: "running code as root
> is very dangerous and should be done as seldom as possible.
> Setting the setuid bit on an entire application is especially
> dangerous because you are trusting that your entire application, and
> the code your application links to, is free of security holes."

I'd suggest that you factor out the code that does this to a small
tool, and have the tool be setuid. This tool should be self-restricting
using the techniques in the Security framework. See the MoreAuthSample
code from DTS and the Authorization Services documentation for more
information.
I also noticed that you were hardcoding "rdisk0s9". This is probably a
bad thing, as disk numbering is dependent on the order that disks are
probed by IOKit. You should probably dynamically look up the device
node you are looking for using some other method.
-- Finlay