Re: Running Shell Script from Cocoa Application
- Subject: Re: Running Shell Script from Cocoa Application
- From: glenn andreas <email@hidden>
- Date: Mon, 8 Oct 2007 11:37:41 -0500
On Oct 8, 2007, at 11:04 AM, deepak gopal wrote:
Hi
This is how I Run my Shell Scripts. This should help.
2. Run the script:
    // Argument vector for /bin/sh: the script path, NULL-terminated.
    char *args[2];
    NSString *launchTool = @"/bin/sh";
    args[0] = (char *)[ShellScript fileSystemRepresentation];
    args[1] = NULL;
    NSLog (@"args[0] = %s", args[0]);
    // Run /bin/sh with the script as root, using the existing authorization.
    OSStatus status =
        AuthorizationExecuteWithPrivileges(authRef_, [launchTool UTF8String],
                                           0, args, NULL);
    if (status == errAuthorizationCanceled) {
        NSLog (@"Canceled error");
    } else if (status != errAuthorizationSuccess) {
        NSLog (@"Failure error");
    }
Note that there are security risks when running shell scripts in a
privileged context. From <http://www.faqs.org/faqs/unix-faq/faq/part4/section-7.html>:
Now that we have made sure the right file gets interpreted, are
there any risks left?
Certainly! For shell scripts you must not forget to set the PATH
variable to a safe path explicitly. Can you figure out why?
Also there is the IFS variable that might cause trouble if not
set properly. Other environment variables might turn out to
compromise security as well, e.g. SHELL... Furthermore you must
make sure the commands in the script do not allow interactive
shell escapes! Then there is the umask which may have been set
to something strange...
Etcetera. You should realise that a setuid script `inherits' all
the bugs and security risks of the commands that it calls!
All in all we get the impression setuid shell scripts are quite a
risky business! You may be better off writing a C program
instead!
Things like helper tools and the like should be as absolutely small as
possible, with the least possibility for exploitation. Don't have
the tool link in a whole bunch of high level libraries (ideally, it
shouldn't use anything above libc - I'd be hesitant to even use
Objective-C, and certainly nothing like AppKit), don't allow for
arbitrary parameters, don't embed some sort of interpreter with the
ability to access other subsystems, etc... Using /bin/sh as that tool
is one of the worst possible examples of such practice.
Glenn Andreas email@hidden
<http://www.gandreas.com/> wicked fun!
quadrium | flame : flame fractals & strange attractors : build,
mutate, evolve, animate
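
A helper of the kind the reply above describes, as an added example that is not part of the original message or of any Apple sample: libc only, a fixed table of operations instead of arbitrary parameters, an explicit PATH, IFS and umask, and a direct execve with no shell. The operation names and the /usr/local/libexec/exampleapp paths are hypothetical.

```c
/* Added example: minimal privileged helper, libc only.
 * Operation names and target paths are hypothetical. */
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

struct op { const char *name; const char *path; const char *arg; };

/* The only things this helper will ever do; nothing is taken from the caller. */
static const struct op OPS[] = {
    { "rotate-logs", "/usr/local/libexec/exampleapp/rotate", "--once" },
    { "reload",      "/usr/local/libexec/exampleapp/reload", NULL     },
};

/* Fixed environment: explicit PATH and IFS, nothing inherited. */
static char *const SAFE_ENV[] = {
    "PATH=/usr/bin:/bin:/usr/sbin:/sbin", "IFS= \t\n", NULL
};

/* Exact-match lookup; anything not in the table is refused. */
const struct op *find_op(const char *name)
{
    if (name == NULL) return NULL;
    for (size_t i = 0; i < sizeof OPS / sizeof OPS[0]; i++)
        if (strcmp(name, OPS[i].name) == 0) return &OPS[i];
    return NULL;
}

/* Returns only on failure: 2 = request refused, 1 = exec failed. */
int run_helper(int argc, char **argv)
{
    const struct op *op = (argc == 2) ? find_op(argv[1]) : NULL;
    if (op == NULL) return 2;
    umask(077);                       /* do not trust the inherited umask */
    char *const args[] = { (char *)op->path, (char *)op->arg, NULL };
    execve(op->path, args, SAFE_ENV); /* direct exec, no /bin/sh in between */
    return 1;
}

int main(int argc, char **argv)
{
    int rc = run_helper(argc, argv);
    if (rc == 2) fprintf(stderr, "usage: helper rotate-logs|reload\n");
    else perror("execve");
    return rc;
}
```

The caller passes only an operation name, so a script path or shell fragment in argv[1] is rejected before any privileged work happens.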