• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Confused about AuthorizationExecuteWithPrivileges and suid
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Confused about AuthorizationExecuteWithPrivileges and suid

  • Subject: Re: Confused about AuthorizationExecuteWithPrivileges and suid
  • From: Jason Coco <email@hidden>
  • Date: Wed, 11 Jun 2008 21:49:12 -0400
The documentation is talking about using AuthorizationExecuteWithPrivleges() to repair a setuid tool that you may have already created. It is also suggesting that you use the setuid tool method rather than using AuthorizationExecuteWithPrivleges(). In this way, the setuid tool can limit itself to only doing a specific task. It can also ensure that its caller is authorized to call it and abort in any other circumstance.

All that said, you don't need any setuid bit in order to call AuthorizationExecuteWithPrivleges() (neither on the calling application nor on the target application).

/jac

On Jun 11, 2008, at 21:34 , Eyal Redler wrote:

Hi All,

I need to access some files in the Applications folder and in order to do so I did the following:

1. I've created a tool that copies the files into the Applications folder (using NSFileManager)
2. I'm invoking the tool using AuthorizationExecuteWithPrivileges()
3. In the tool I'm calling setuid(geteuid()) at the begining
4. The tool does not have its setuid bit set

This setup seems to work fine without doing anything regarding the setuid bit yet the (very unclear and confusing) documentation seems to refer to AuthorizationExecuteWithPrivileges as something you use to run a setuid tool.

Should I set the setuid bit? Why?

TIA

Eyal Redler
------------------------------------------------------------------------------------------------
"If Uri Geller bends spoons with divine powers, then he's doing it the hard way."
--James Randi
www.eyalredler.com


_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
@gmail.com

This email sent to email@hidden 

_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




  • Follow-Ups:

      

    • Re: Confused about AuthorizationExecuteWithPrivileges and suid

      • From: "Stephen J. Butler" <email@hidden>
      • 





References: 


 >Confused about AuthorizationExecuteWithPrivileges and suid (From: Eyal Redler <email@hidden>)






    

  • Prev by Date:
Confused about AuthorizationExecuteWithPrivileges and suid

    • 

  • Next by Date:
Re: Confused about AuthorizationExecuteWithPrivileges and suid

    • 

  • Previous by thread:
Confused about AuthorizationExecuteWithPrivileges and suid

    • 

  • Next by thread:
Re: Confused about AuthorizationExecuteWithPrivileges and suid

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •