• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: NSTask and authentication...I have to clarify my original question
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NSTask and authentication...I have to clarify my original question

  • Subject: Re: NSTask and authentication...I have to clarify my original question
  • From: Jerry Krinock <email@hidden>
  • Date: Tue, 21 Mar 2006 07:10:22 -0800
  • Thread-topic: NSTask and authentication...I have to clarify my original question
on 06/03/21 06:45, Nick Zitzmann at email@hidden wrote:

> On Mar 21, 2006, at 7:21 AM, Nik Giovanakis wrote:
>
>> From what I have deduced, I will need to have an authentication
>> step when the application is launched. Is that right?
>
> No; you need to have an authentication step before you launch the
> privileged task.

This requirement is typical.  You have probably seen the following example
as a user: After you download and purchase a serial number for an
application, you are given an option to install the serial number so that
all user accounts can use the application.  If you check the box, you are
presented with an Authentication dialog.  This is because the application
needs authorization to write a file with your serial number in
/Library/Preferences which, in general, may require root privileges.  It
calls MoreSecExecuteRequestInHelperTool to do this.  That dialog is
apparently created somewhere within the bowels of MoreSecurity.c  (I've
never been able to find it).

The difference between this and what you describe is that, instead of
executing an NSTask, MoreSecExecuteRequestInHelperTool runs a "helper tool",
a command-line tool which you have compiled and included in your package to
do whatever privileged operations need to be done; in this example, writing
to /Library/Preferences.  There are people who are Way Smarter Than Me
(maybe Nick Zitzmann) who can explain to you why this is Apple's secure and
recommended method to execute a privileged task.


 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: NSTask and authentication...I have to clarify my original question
      • From: Nick Zitzmann <email@hidden>
References: 
 >Re: NSTask and authentication...I have to clarify my original question (From: Nick Zitzmann <email@hidden>)

  • Prev by Date: Re: mouseDown and NSTabView
  • Next by Date: Re: Installer
  • Previous by thread: Re: NSTask and authentication...I have to clarify my original question
  • Next by thread: Re: NSTask and authentication...I have to clarify my original question
  • Index(es):
    • Date
    • Thread