• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Security - Write to protected directory
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Security - Write to protected directory

  • Subject: Security - Write to protected directory
  • From: Kelly Graus <email@hidden>
  • Date: Thu, 2 Oct 2008 13:30:17 -0600
Hello,

I have an application that needs to be able to write to a protected directory (either Library/Application Support/ or Applications/ depending on the case). I've separated out all writing operations to a separate application, which currently is run using NSTask.

I've read the "Performing Privileged Operations With Authorization Services" documentation, which seems to mostly be about allowing an application to define custom privileged operations. The closest thing to my case is when it talks about Installers and says to use the AuthorizationExecuteWithPrivileges function. However, I've read in several places that this function is "mostly" decremented (whatever that means) and probably shouldn't be used. Also, I need the ability to wait for the separate application to finish, which is provided by NSTask but doesn't seem to be available with AuthorizationExecuteWithPrivileges.

I've also read about using a setuid tool, which would allow me to run any application as root, but I've also read that it causes problems with drag-and-drop uninstalls, since the setuid tool would be owned by root.

So my questions are:

Is the only way to allow a user to write to a protected location use the AuthorizationExecuteWithPrivileges function?
If so, is there a way to tell when the application has quit, and get the exit code?
If not, how would I go about getting sufficient privileges to write to protected locations?
Does using a setuid tool mess up the ability for a user to delete an application, assuming the setuid tool is imbedded in an application's bundle?

Thanks for any help!

Kelly
_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




  • Follow-Ups:

      

    • Re: Security - Write to protected directory

      • From: Bill Bumgarner <email@hidden>
      • 

    • Re: Security - Write to protected directory

      • From: Nick Zitzmann <email@hidden>
      • 



    

  • Prev by Date:
Re: Newbie: Strange problem with NSTableView,	check boxes and Core Data

    • 

  • Next by Date:
Synchronous application launch

    • 

  • Previous by thread:
Re: TableView click and return key actions

    • 

  • Next by thread:
Re: Security - Write to protected directory

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •