Re: Environment/permissions on NSTask-launched app
Re: Environment/permissions on NSTask-launched app
- Subject: Re: Environment/permissions on NSTask-launched app
- From: Bill Bumgarner <email@hidden>
- Date: Wed, 19 Jul 2006 19:27:22 -0700
On Jul 19, 2006, at 7:10 PM, Andrew Farmer wrote:
On 19 Jul 06, at 17:17, Brad Peterson wrote:
I'll try that, thank you. What value would you suggest
for setuid()? Should I just use 501 again?
"501" will only work for the first user to create an account on the
machine, as that's the first autogenerated user ID.
Please don't write applications that run as root without a *full*
understanding of the security implications thereof!
Yeah -- what he said. I just caught the end of this thread.
From the above, I take it that you are trying to downgrade a process
from root to a particular user?
This is an incredible difficult problem rife with potential security
holes. Not to be attempted unless you are seriously steeped in the
subtleties of Mac OS X's process model and the role that users play
therein.
I would recommend starting with Amit Singh's *Mac OS X Internals* book
and then be prepared for some serious research beyond that.
b.bum
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden