Re: Run a process as root (asking only one time the root password)
Re: Run a process as root (asking only one time the root password)
- Subject: Re: Run a process as root (asking only one time the root password)
- From: "Finlay Dobbie" <email@hidden>
- Date: Thu, 21 Jun 2007 16:30:33 +0100
On 21/06/07, I. Savant <email@hidden> wrote:
It works this way for a very good reason. If you're doing this from
a desktop application there is positively *no good reason* not to
require authentication as the system is designed to request it. Any
remotely savvy user would steer clear of your application if they knew
it was behaving in this way.
This is a ridiculous overgeneralisation. For example, the System
Preferences application is automatically unlocked if you are logged in
as an administrative user. Having to type your admin password
repeatedly even when you're logged in as an administrative user is
stupid. Also, the kAuthorizationRightExecute right expires after 500s
in the default security policy, which might be annoying.
As another example, I currently have to type my admin password every
time I start VMware so it can unmount my Boot Camp partition, which is
annoying. Where's the value in that?
The problem with the traditional UNIX permissions model is it has no
granularity - a lot of operations are basically "if you a root, you
can proceed, otherwise tough luck", which is why things like sudo
exist. Using the Security framework and a self-restricting setuid
helper tool, you have much greater flexibility when making these
decisions.
Having said all that, there are a lot of tough decisions which require
a deep understanding of the security issues involved. If you can't
read and understand the conceptual documentation, chances are you're
not qualified to be writing code which runs as root. Sorry.
-- Finlay
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden