• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: how to run my app in privileged mode
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: how to run my app in privileged mode

  • Subject: Re: how to run my app in privileged mode
  • From: Charles Srstka <email@hidden>
  • Date: Tue, 3 Jun 2008 20:16:05 -0500
On Jun 3, 2008, at 2:08 PM, Jean-Daniel Dupas wrote:

Note that you should never run a GUI application with elevated provilege, particulary an application that uses AppKit, this is EVIL.

Just to explain a bit *why* this is evil and why you absolutely should not do this, here's a little demonstration which you can try on your own machine if you like:

my-machine:~ me$ sudo -s
Password:
bash-3.2# /Applications/TextEdit.app/Contents/MacOS/TextEdit &
[1] 51668
bash-3.2# exit
exit
my-machine:~ me$ mkdir testfolder
my-machine:~ me$ touch testfolder/testfile
my-machine:~ me$ sudo chown root:wheel testfolder
my-machine:~ me$ sudo chmod 700 testfolder
my-machine:~ me$ ls -l testfolder
ls: testfolder: Permission denied
my-machine:~ me$ osascript -e 'tell application "TextEdit" to do shell script "ls -l ~/testfolder"'
-rw-r--r-- 1 me me 0 Jun 3 20:09 testfile

As you can see from the above example, if a Cocoa app is running as root, AppleScript combined with "do shell script" can be used by any unprivileged user to run commands as root. Effectively this means that if even a single Cocoa app is running as root, you've effectively given root access to every other binary on the entire system. Needless to say, that's a bad thing.

Personally, I consider this a large security flaw in OS X, since it's easily possible for a developer to do what the OP here is thinking of doing, and the user could run this without necessarily realizing what is going on, and it would open the door for any virus or trojan to become root and take over the whole system. However, every time I report this, it gets flagged as "Behaves Correctly" because GUI apps aren't supposed to run as root anyway. Well yes, they're not. But what if they *do* somehow? :-/

Charles
_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden






References: 


 >how to run my app in privileged mode (From: Nick Rogers <email@hidden>)


 >Re: how to run my app in privileged mode (From: Michael Vannorsdel <email@hidden>)


 >Re: how to run my app in privileged mode (From: Jean-Daniel Dupas <email@hidden>)






    

  • Prev by Date:
Strange Error

    • 

  • Next by Date:
Re: CoreData file format stability

    • 

  • Previous by thread:
Re: how to run my app in privileged mode

    • 

  • Next by thread:
Get and set "Auto adjust brightness when ambient light changes"	preferences

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •