• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Authorization without permanent setuid on helper
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Authorization without permanent setuid on helper

  • Subject: Authorization without permanent setuid on helper
  • From: email@hidden
  • Date: Wed, 19 Jan 2005 22:49:12 +0000
Are there any security repercussions with always "double running" a helper tool instead of setuid'ing its file on the first run?  By "double running" I mean running it from the main app, having it authorize, and then having it run itself as setuid (essentially following AuthSample but skipping the ownership and permission changes on the file).

I know that it'll incur the overhead of an extra process every time, but for the purpose I have in mind, efficiency is not an issue and it would make the app more mobile (without leaving Application Support garbage behind, as MoreAuthSample's approach would do).
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: Authorization without permanent setuid on helper
      • From: Bob Ippolito <email@hidden>
  • Prev by Date: Re: Binding a text field's editable binding to a matrix
  • Next by Date: Re: Re: NSURLConnection Certificate Problem
  • Previous by thread: Re: Problem with NSAlternateKeyMask
  • Next by thread: Re: Authorization without permanent setuid on helper
  • Index(es):
    • Date
    • Thread