Re: "Safe" frameworks for privileged tools?
Re: "Safe" frameworks for privileged tools?
- Subject: Re: "Safe" frameworks for privileged tools?
- From: Michael Watson <email@hidden>
- Date: Wed, 23 Apr 2008 02:44:02 -0400
That's the hang-up. The target directory may require privilege to see.
--
m-s
On 23 Apr, 2008, at 02:42, Kevin Grant wrote:
Does the target directory require privilege to see, or does
it just happen to be used by a privileged tool?
If the latter, you could always rely on a 2nd executable
(without privilege) to examine the directory and return its
results to your privileged program.
Kevin G.
That's a good table to know/have handy. Thanks.
Okay, so LaunchServices is out as well. Is there *any* reliable way
to know if a directory is a bundle or package without using
NSWorkspace or LaunchServices? (I'm also going to have to omit
Spotlight, since I can't be guaranteed it's enabled on a given
machine.)
--
m-s
On 23 Apr, 2008, at 00:17, stephen joseph butler wrote:
On Tue, Apr 22, 2008 at 10:52 PM, Michael Watson <email@hidden
>
wrote:
I would like to use LaunchServices for this, but wasn't sure if
it was
kosher to link to ApplicationServices.framework from a privileged
tool. Are
there guidelines as to which frameworks should and shouldn't be
used in
privileged tools? I know nothing can ever be "safe", but some are
surely
more dangerous than others, and I'd love some guidance.
This is the definitive list of safe frameworks:
http://developer.apple.com/technotes/tn2005/tn2083.html#SECFRAMEWORKCROSSREFERENCE
Unfortunately, ApplicationServices is a "no". However, this blog
posts
suggests some instances where it might be safe:
http://unixjunkie.blogspot.com/2006/10/launchservices-from-root-daemon.html
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden