Authorization
Authorization
- Subject: Authorization
- From: John Joyce <email@hidden>
- Date: Sat, 26 Jan 2008 10:41:39 -0600
I'm reading the Big Nerd Ranch book Advanced Programming for Mac OS X
chapter 17 on Authorization...
I want to make sure I'm understanding this correctly.
In the example there, are they creating a redundant executable in C
along with the Obj-C files? If so, is this an extra check for
authorization or is it really this much boiler-plate code to set a
right in the Security Server?
What are people's thoughts/opinions on using
AuthorizationExecuteWithPriveledges() for simply executing features
of a wrapped task?
In this case, wrapping a well-written package manager and trying to
execute commands that install and remove packages.
The need to sudo this package manager only occurs on install/
uninstall of packages due to location of packages in directories that
are in /usr/local
While there should not be any reason this tool would step on anything
else, and if used from the terminal, these commands would typically
require sudo anyway, I don't want to create an unnecessarily risky
privilege escalation situation. At the same time, it would be
obnoxious for this app to continuously request authentication, even
just on each launch, and I really don't want to be storing a user's
password anywhere since that is definitely a slippery slope.
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden