Re: Filevault and SUID Incompatibilities
Re: Filevault and SUID Incompatibilities
- Subject: Re: Filevault and SUID Incompatibilities
- From: Michael Watson <email@hidden>
- Date: Tue, 10 Apr 2007 16:32:04 -0400
He probably doesn't need an SUID executable to do what he wants,
anyway. You can create an authorization by prompting the user just
once, and reuse it when necessary during use of the app. (You can
also destroy the authorization if you like, during use.)
--
m-s
On 10 Apr, 2007, at 16:23, Gregory Weston wrote:
Giovanni Donelli wrote:
I have a small helper program that needs SU privileges to do its
job. Since I don't want this tool to ask user authentication all the
time, upon install it sets it's SUID and change its user owner to
wheel:root so, when it executes, its effective user id is root.
...
Now everything works great on any OS X... except when FileVault is
enabled.
On user accounts where FileVault is enabled, the effective user id is
the same as the current user. (ie. getuid() == geteuid() )
...
Does anybody have any clue why this could be happening? I can't
really
think of anything.
Unfortunately, the answer is "that's the way FileVault works. As
far as I know, the only way to make sure the UID override takes is
to install the helper tool outside the home directory, like into /
Library/Application Support.
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
40bungie.org
This email sent to email@hidden
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden